Lucene search
PRIOn knowledge basePRION:CVE-2016-6801HistorySep 21, 2016 - 2:25 p.m.
Cross site request forgery (csrf)
2016-09-2114:25:00
PRIOn knowledge base
www.prio-n.com
Cross-site request forgery (CSRF) vulnerability in the CSRF content-type check in Jackrabbit-Webdav in Apache Jackrabbit 2.4.x before 2.4.6, 2.6.x before 2.6.6, 2.8.x before 2.8.3, 2.10.x before 2.10.4, 2.12.x before 2.12.4, and 2.13.x before 2.13.3 allows remote attackers to hijack the authentication of unspecified victims for requests that create a resource via an HTTP POST request with a (1) missing or (2) crafted Content-Type header.
| CPE | Name | Operator | Version |
|---|---|---|---|
| jackrabbit | eq | 2.13.1 | |
| jackrabbit | eq | 2.4.3 | |
| jackrabbit | eq | 2.12.3 | |
| jackrabbit | eq | 2.12.2 | |
| jackrabbit | eq | 2.6.5 | |
| jackrabbit | eq | 2.4.1 | |
| jackrabbit | eq | 2.8.0 | |
| jackrabbit | eq | 2.13.2 | |
| jackrabbit | eq | 2.12.0 | |
| jackrabbit | eq | 2.6.2 |
Related
debian
debian
[SECURITY] [DLA 629-1] jackrabbit security update
2016-09-18 16:51:43
[SECURITY] [DSA 3679-1] jackrabbit security update
2016-09-27 10:34:00
openvas
openvas
Debian: Security Advisory (DLA-629-1)
2023-03-08 00:00:00
Apache Jackrabbit Cross-Site Request Forgery (CSRF) Vulnerability - Linux
2016-10-06 00:00:00
Debian Security Advisory DSA 3679-1 (jackrabbit - security update)
2016-10-05 00:00:00
github
github
Apache Jackrabbit Authentication Hijacking Vulnerability
2022-05-17 03:48:02
debiancve
debiancve
CVE-2016-6801
2016-09-21 14:25:21
cvelist
cvelist
CVE-2016-6801
2016-09-21 14:00:00
nessus
nessus
Debian DSA-3679-1 : jackrabbit - security update
2016-09-28 00:00:00
Debian DLA-629-1 : jackrabbit security update
2016-09-19 00:00:00
osv
osv
Apache Jackrabbit Authentication Hijacking Vulnerability
2022-05-17 03:48:02
jackrabbit - security update
2016-09-18 00:00:00
cve
cve
CVE-2016-6801
2016-09-21 14:25:21
nvd
nvd
CVE-2016-6801
2016-09-21 14:25:21
ubuntucve
ubuntucve
CVE-2016-6801
2016-09-21 00:00:00