Lucene search
IbmCVE-2014-6198HistoryJun 28, 2015 - 10:59 a.m.
CVE-2014-6198
2015-06-2810:59:00
CWE-352
ibm
web.nvd.nist.gov
30
cve-2014-6198
csrf
ibm security network protection
authentication hijacking
CVSS2
6.8
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
AI Score
7.2
Confidence
Low
EPSS
0.001
Percentile
47.7%
Cross-site request forgery (CSRF) vulnerability in IBM Security Network Protection 5.3 before 5.3.1 allows remote attackers to hijack the authentication of arbitrary users.
Affected configurations
Node
ibmsecurity_network_protection_firmwareMatch5.3
| Vendor | Product | Version | CPE |
|---|---|---|---|
| ibm | security_network_protection_firmware | 5.3 | cpe:2.3:o:ibm:security_network_protection_firmware:5.3:*:*:*:*:*:*:* |
Related
ibm
ibm
cvelist
cvelist
CVE-2014-6198
2015-06-28 10:00:00
prion
prion
Cross site request forgery (csrf)
2015-06-28 10:59:00
nvd
nvd
CVE-2014-6198
2015-06-28 10:59:00
CVSS2
6.8
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
AI Score
7.2
Confidence
Low
EPSS
0.001
Percentile
47.7%
Related for CVE-2014-6198