Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cveMitreCVE-2016-7123
HistorySep 02, 2016 - 2:59 p.m.

CVE-2016-7123

2016-09-0214:59:10
CWE-352
mitre
web.nvd.nist.gov
38
cve-2016-7123
csrf
vulnerability
gnu mailman
admin
web interface
nvd

CVSS2

6.8

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

CVSS3

8.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

AI Score

8.7

Confidence

High

EPSS

0.002

Percentile

52.5%

JSON

Cross-site request forgery (CSRF) vulnerability in the admin web interface in GNU Mailman before 2.1.15 allows remote attackers to hijack the authentication of administrators.

Affected configurations

Nvd
Node
gnumailmanRange2.1.14rc1
VendorProductVersionCPE
gnumailman*cpe:2.3:a:gnu:mailman:*:rc1:*:*:*:*:*:*

Related

cvelist 1
nessus 6
redhatcve 1
nvd 1
ubuntucve 1
debiancve 1
prion 1
freebsd 1
ubuntu 1
openvas 1
cvelist
cvelist
CVE-2016-7123
2016-09-02 14:00:00
nessus
nessus
FreeBSD : mailman -- CSRF hardening in parts of the web interface (9e50dcc3-740b-11e6-94a2-080027ef73ec)
2016-09-08 00:00:00
Ubuntu 14.04 LTS / 16.04 LTS : Mailman vulnerabilities (USN-3118-1)
2016-11-02 00:00:00
RHEL 6 : mailman (Unpatched Vulnerability)
2024-06-03 00:00:00
redhatcve
redhatcve
CVE-2016-7123
2016-09-05 10:18:57
nvd
nvd
CVE-2016-7123
2016-09-02 14:59:10
ubuntucve
ubuntucve
CVE-2016-7123
2016-09-02 00:00:00
debiancve
debiancve
CVE-2016-7123
2016-09-02 14:59:10
prion
prion
Cross site request forgery (csrf)
2016-09-02 14:59:00
freebsd
freebsd
mailman -- CSRF hardening in parts of the web interface
2011-05-02 00:00:00
ubuntu
ubuntu
Mailman vulnerabilities
2016-11-01 00:00:00
openvas
openvas
Ubuntu: Security Advisory (USN-3118-1)
2016-11-08 00:00:00

CVSS2

6.8

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

CVSS3

8.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

AI Score

8.7

Confidence

High

EPSS

0.002

Percentile

52.5%

JSON
Related for CVE-2016-7123
cvelist1nessus6redhatcve1nvd1ubuntucve1debiancve1prion1freebsd1ubuntu1openvas1