Lucene search
MitreCVE-2009-1733HistoryMay 20, 2009 - 7:30 p.m.
CVE-2009-1733
2009-05-2019:30:00
CWE-352
mitre
web.nvd.nist.gov
19
ipplan
csrf
vulnerability
authentication
admins
password change
user add
user delete
CVSS2
6.8
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
AI Score
7.3
Confidence
Low
EPSS
0.002
Percentile
52.7%
Cross-site request forgery (CSRF) vulnerability in IPplan 4.91a allows remote attackers to hijack the authentication of administrators for requests that (1) change the password, (2) add users, or (3) delete users via unknown vectors.
Affected configurations
Node
richard_ellerbrockipplanMatch4.91a
| Vendor | Product | Version | CPE |
|---|---|---|---|
| richard_ellerbrock | ipplan | 4.91a | cpe:2.3:a:richard_ellerbrock:ipplan:4.91a:*:*:*:*:*:*:* |
Related
cvelist
cvelist
CVE-2009-1733
2009-05-20 19:00:00
prion
prion
Cross site request forgery (csrf)
2009-05-20 19:30:00
nvd
nvd
CVE-2009-1733
2009-05-20 19:30:00
CVSS2
6.8
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
AI Score
7.3
Confidence
Low
EPSS
0.002
Percentile
52.7%
Related for CVE-2009-1733