Lucene search
MitreCVE-2010-5085HistoryFeb 14, 2012 - 8:55 p.m.
CVE-2010-5085
2012-02-1420:55:04
CWE-352
mitre
web.nvd.nist.gov
29
csrf
vulnerabilities
hulihan amethyst 0.1.5
admin/update_user
cve-2010-5085
CVSS2
6.8
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
AI Score
7.7
Confidence
Low
EPSS
0.013
Percentile
85.8%
Multiple cross-site request forgery (CSRF) vulnerabilities in admin/update_user in Hulihan Amethyst 0.1.5, and possibly earlier, allow remote attackers to hijack the authentication of administrators for requests that (1) change the administrative password or (2) change the site’s configuration.
Affected configurations
Node
hulihanapplicationsamethystMatch0.1.5
| Vendor | Product | Version | CPE |
|---|---|---|---|
| hulihanapplications | amethyst | 0.1.5 | cpe:2.3:a:hulihanapplications:amethyst:0.1.5:*:*:*:*:*:*:* |
Related
htbridge
htbridge
Multiple Vulnerabilities in Amethyst
2010-07-22 00:00:00
cvelist
cvelist
CVE-2010-5085
2012-02-14 20:00:00
prion
prion
Cross site request forgery (csrf)
2012-02-14 20:55:00
nvd
nvd
CVE-2010-5085
2012-02-14 20:55:04
CVSS2
6.8
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
AI Score
7.7
Confidence
Low
EPSS
0.013
Percentile
85.8%
Related for CVE-2010-5085