Lucene search
HpCVE-2015-5451HistoryNov 23, 2015 - 3:59 a.m.
CVE-2015-5451
2015-11-2303:59:00
CWE-352
hp
web.nvd.nist.gov
23
cve-2015-5451
csrf
hp operations orchestration central
remote attackers
authentication hijacking
nvd
security vulnerability
CVSS2
6.8
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
AI Score
7.3
Confidence
Low
EPSS
0.001
Percentile
46.9%
Cross-site request forgery (CSRF) vulnerability in HP Operations Orchestration Central 10.x before 10.22.001 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors.
Affected configurations
Node
hpoperations_orchestrationRange≤10.22.0
| Vendor | Product | Version | CPE |
|---|---|---|---|
| hp | operations_orchestration | * | cpe:2.3:a:hp:operations_orchestration:*:*:*:*:*:*:*:* |
Related
prion
prion
Cross site request forgery (csrf)
2015-11-23 03:59:00
nessus
nessus
HP Operations Orchestration 10.x < 10.22.001 XSRF
2015-12-02 00:00:00
cvelist
cvelist
CVE-2015-5451
2015-11-23 02:00:00
nvd
nvd
CVE-2015-5451
2015-11-23 03:59:00
CVSS2
6.8
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
AI Score
7.3
Confidence
Low
EPSS
0.001
Percentile
46.9%
Related for CVE-2015-5451