Lucene search
RedhatCVE-2012-2061HistorySep 17, 2012 - 8:55 p.m.
CVE-2012-2061
2012-09-1720:55:02
CWE-352
redhat
web.nvd.nist.gov
28
cve-2012-2061
csrf vulnerability
drupal
admin tools
authentication hijacking
nvd
CVSS2
6.8
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
AI Score
7.3
Confidence
Low
EPSS
0.002
Percentile
52.7%
Cross-site request forgery (CSRF) vulnerability in the Admin tools module for Drupal allows remote attackers to hijack the authentication of unspecified victims via unknown vectors involving “not checking tokens.”
Affected configurations
Node
nijskens_rafadmintools
drupaldrupalMatch-
| Vendor | Product | Version | CPE |
|---|---|---|---|
| nijskens_raf | admintools | * | cpe:2.3:a:nijskens_raf:admintools:*:*:*:*:*:*:*:* |
| drupal | drupal | - | cpe:2.3:a:drupal:drupal:-:*:*:*:*:*:*:* |
Related
prion
prion
Cross site request forgery (csrf)
2012-09-17 20:55:00
nvd
nvd
CVE-2012-2061
2012-09-17 20:55:02
cvelist
cvelist
CVE-2012-2061
2012-09-17 20:00:00
drupal
drupal
SA-CONTRIB-2012-036 - Multiple Modules Unsupported
2012-03-14 00:00:00
CVSS2
6.8
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
AI Score
7.3
Confidence
Low
EPSS
0.002
Percentile
52.7%
Related for CVE-2012-2061