CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2010-0153

Multiple cross-site request forgery (CSRF) vulnerabilities in the Local Management Interface (LMI) on the IBM Proventia Network Mail Security System (PNMSS) appliance with firmware before 2.5.0.2 allow remote attackers to hijack the authentication of administrators for requests that (1) change settings or (2) conduct denial of service attacks.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 33.3%

CVSS Severity

CVSS v2 Score 6.8

References

Products affected by CVE-2010-0153

Ibm » Proventia Network Mail Security System Virtual Appliance » Version: Any

cpe:2.3:a:ibm:proventia_network_mail_security_system_virtual_appliance:*
Ibm » Proventia Network Mail Security System Virtual Appliance Firmware » Version: 1.6

cpe:2.3:a:ibm:proventia_network_mail_security_system_virtual_appliance_firmware:1.6
Ibm » Proventia Network Mail Security System Virtual Appliance Firmware » Version: 2.5

cpe:2.3:a:ibm:proventia_network_mail_security_system_virtual_appliance_firmware:2.5

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2010-0153

Products

Pricing

Contact Us