CVE-2015-2770

Loading...

General

Score:6.8/10.0
Severity:Medium
Category:Bounce Attack

Impact Metrics

Confidentiality:Partial
Integrity:Partial
Availability:Partial

Exploitability Metrics

Access Vector:Network
Access Complexity:Medium
Authentication:None

Published on 27/03/15 - Updated on 30/03/15

Description

Cross-site request forgery (CSRF) vulnerability in the command line page in Websense TRITON V-Series appliances before 8.0.0 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors.

Category: Bounce Attack

CWE-352 (Cross-Site Request Forgery (CSRF))
The web application does not, or can not, sufficiently verify whether a well-formed, valid, consistent request was intentionally provided by the user who submitted the request.

Security Notices

US National Vulnerability DatabaseCVE-2015-2770

Exploits

No exploits available for this CVE in our database.

Relative technologies

VendorProduct
websensev-series_appliances

Share this vulnerability with:

Twitter Facebook LinkedIn Mail