Lucene search
HistoryApr 22, 2014 - 2:23 p.m.
CVE-2014-2659
cve-2014-2659
csrf
vulnerability
papercut mf
papercut ng
admin ui
6.8 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
7.3 High
AI Score
Confidence
Low
0.002 Low
EPSS
Percentile
52.7%
Cross-site request forgery (CSRF) vulnerability in the admin UI in Papercut MF and NG before 14.1 (Build 26983) allows remote attackers to hijack the authentication of administrators via unspecified vectors.
Affected configurations
Node
papercutpapercut_mfRange≤14.1
ORpapercutpapercut_mfMatch12.0
ORpapercutpapercut_mfMatch12.1
ORpapercutpapercut_mfMatch12.2
ORpapercutpapercut_mfMatch12.3
ORpapercutpapercut_mfMatch12.4
ORpapercutpapercut_mfMatch12.5
ORpapercutpapercut_mfMatch13.0
ORpapercutpapercut_mfMatch13.1
ORpapercutpapercut_mfMatch13.2
ORpapercutpapercut_mfMatch13.3
ORpapercutpapercut_mfMatch13.4
ORpapercutpapercut_mfMatch13.5
ORpapercutpapercut_mfMatch14.0
ORpapercutpapercut_ngRange≤14.1
ORpapercutpapercut_ngMatch12.0
ORpapercutpapercut_ngMatch12.1
ORpapercutpapercut_ngMatch12.2
ORpapercutpapercut_ngMatch12.3
ORpapercutpapercut_ngMatch12.4
ORpapercutpapercut_ngMatch12.5
ORpapercutpapercut_ngMatch13.0
ORpapercutpapercut_ngMatch13.1
ORpapercutpapercut_ngMatch13.2
ORpapercutpapercut_ngMatch13.3
ORpapercutpapercut_ngMatch13.4
ORpapercutpapercut_ngMatch13.5
ORpapercutpapercut_ngMatch14.0
Related
prion
prion
Cross site request forgery (csrf)
2014-04-22 14:23:00
cvelist
cvelist
CVE-2014-2659
2014-04-22 14:00:00
nvd
nvd
CVE-2014-2659
2014-04-22 14:23:35
kaspersky
kaspersky
KLA10291 Multiple vulnerabilities in PaperCut
2014-04-28 00:00:00
6.8 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
7.3 High
AI Score
Confidence
Low
0.002 Low
EPSS
Percentile
52.7%
Related for CVE-2014-2659