Vulnerability Details CVE-2012-0286
Cross-site request forgery (CSRF) vulnerability in Stoneware webNetwork before 6.0.8.0 allows remote attackers to hijack the authentication of unspecified victims for requests that modify user accounts.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.004
EPSS Ranking 56.9%
CVSS Severity
CVSS v2 Score 6.8
References
- http://infosec42.blogspot.com/2012/01/cve-2012-0285-and-cve-2012-0286.html
- http://www.stone-ware.com/support/techdocs/kb/d1960/sb_6_0_8.pdf
- http://www.stone-ware.com/swql.jsp?kb=d1960
- http://infosec42.blogspot.com/2012/01/cve-2012-0285-and-cve-2012-0286.html
- http://www.stone-ware.com/support/techdocs/kb/d1960/sb_6_0_8.pdf
- http://www.stone-ware.com/swql.jsp?kb=d1960
Products affected by CVE-2012-0286
-
cpe:2.3:a:stone-ware:webnetwork:*
-
cpe:2.3:a:stone-ware:webnetwork:6.0.5.0