Lucene search

[email protected]NVD:CVE-2010-3030

HistoryAug 17, 2010 - 8:00 p.m.

CVE-2010-3030

2010-08-1720:00:04

CWE-352

[email protected]

web.nvd.nist.gov

CVSS2

6.8

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

AI Score

Confidence

Low

EPSS

0.001

Percentile

49.7%

JSON

Cross-site request forgery (CSRF) vulnerability in Tomaz Muraus Open Blog 1.2.1, and possibly earlier, allows remote attackers to hijack the authentication of administrators for requests that change the administrative password. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.

Affected configurations

Nvd

Node

tomaz-murausopen_blogMatch1.2.1

VendorProductVersionCPE
tomaz-murausopen_blog1.2.1cpe:2.3:a:tomaz-muraus:open_blog:1.2.1:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
tomaz-muraus	open_blog	1.2.1	cpe:2.3:a:tomaz-muraus:open_blog:1.2.1:::::::*

References

secunia.com/advisories/40876

CVSS2

6.8

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

AI Score

Confidence

Low

EPSS

0.001

Percentile

49.7%

JSON

Related for NVD:CVE-2010-3030

prion1 cvelist1 cve1 exploitdb1