Lucene search
RedhatCVE-2012-5549HistoryDec 03, 2012 - 9:55 p.m.
CVE-2012-5549
2012-12-0321:55:02
CWE-352
redhat
web.nvd.nist.gov
21
cve-2012-5549
cross-site request forgery
csrf vulnerability
time spent module
drupal
CVSS2
6.8
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
AI Score
7.3
Confidence
Low
EPSS
0.001
Percentile
39.7%
Cross-site request forgery (CSRF) vulnerability in the Time Spent module 6.x and 7.x for Drupal allows remote attackers to hijack the authentication of unspecified victims via unknown vectors.
Affected configurations
Node
carlos_carvalhartime_spentMatch6.x-2.x
ORcarlos_carvalhartime_spentMatch7.x-2.x
drupaldrupalMatch-
| Vendor | Product | Version | CPE |
|---|---|---|---|
| carlos_carvalhar | time_spent | 6.x-2.x | cpe:2.3:a:carlos_carvalhar:time_spent:6.x-2.x:*:*:*:*:*:*:* |
| carlos_carvalhar | time_spent | 7.x-2.x | cpe:2.3:a:carlos_carvalhar:time_spent:7.x-2.x:*:*:*:*:*:*:* |
| drupal | drupal | - | cpe:2.3:a:drupal:drupal:-:*:*:*:*:*:*:* |
Related
cvelist
cvelist
CVE-2012-5549
2012-12-03 21:00:00
nvd
nvd
CVE-2012-5549
2012-12-03 21:55:02
prion
prion
Cross site request forgery (csrf)
2012-12-03 21:55:00
drupal
drupal
SA-CONTRIB-2012-157 - Time Spent - Multiple Vulnerabilities - (unsupported)
2012-10-24 00:00:00
CVSS2
6.8
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
AI Score
7.3
Confidence
Low
EPSS
0.001
Percentile
39.7%
Related for CVE-2012-5549