Kaspersky LabKLA10331KLA10331 SB vulnerability in Snare
6.8 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
6.7 Medium
AI Score
Confidence
Low
0.004 Low
EPSS
Percentile
74.1%
A CSRF vulnerability was found in Snare. By exploiting this vulnerability malicious users can hijack administrator auth. This vulnerability can be exploited remotely.
Original advisories
Related products
CVE list
CVE-2010-2594 high
Solution
Update to latest version
Impacts
- SB
Security bypass. Exploitation of vulnerabilities with this impact can lead to performing actions restricted by current security settings.
Affected Products
- InterSect Alliance Snare Agent versions 3.2.3 and earlier for SolarisInterSect Alliance Snare Agent versions 3.1.7 and earlier for WindowsInterSect Alliance Snare Agent versions 1.5.0 and earlier for Linux and AIXInterSect Alliance Snare Agent versions 1.4 and earlier for IRIXInterSect Alliance Snare Epilog versions 1.5.3 and earlier for WindowsInterSect Alliance Snare Epilog versions 1.2 and earlier for UNIX
Related
6.8 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
6.7 Medium
AI Score
Confidence
Low
0.004 Low
EPSS
Percentile
74.1%