Lucene search

[email protected]NVD:CVE-2012-2605

HistoryJun 13, 2012 - 3:55 p.m.

CVE-2012-2605

2012-06-1315:55:01

CWE-352

[email protected]

web.nvd.nist.gov

6.8 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

6.7 Medium

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

52.0%

JSON

Multiple cross-site request forgery (CSRF) vulnerabilities in the administrative interface in Bradford Network Sentry before 5.3.3 allow remote attackers to hijack the authentication of administrators for requests that (1) insert XSS sequences or (2) send messages to clients.

Affected configurations

NVD

Node

bradfordnetworksnetwork_sentry_appliance_softwareRange≤5.3

AND

bradfordnetworksnetwork_sentry_applianceMatchns500rx

bradfordnetworksnetwork_sentry_applianceMatchns500x

References

www.kb.cert.org/vuls/id/709939

www.kb.cert.org/vuls/id/MAPG-8TJKAF

na3.salesforce.com/sfc/#version?selectedDocumentId=06950000000IySO

6.8 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

6.7 Medium

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

52.0%

JSON

Related for NVD:CVE-2012-2605

cvelist1 cve1 prion1 cert1