CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2013-6443

CloudForms 3.0 Management Engine before 5.2.1.6 allows remote attackers to bypass the Ruby on Rails protect_from_forgery mechanism and conduct cross-site request forgery (CSRF) attacks via a destructive action in a request.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 27.5%

CVSS Severity

CVSS v2 Score 6.8

References

http://rhn.redhat.com/errata/RHSA-2014-0025.html
http://www.securitytracker.com/id/1029606
http://rhn.redhat.com/errata/RHSA-2014-0025.html
http://www.securitytracker.com/id/1029606

Products affected by CVE-2013-6443

Redhat » Cloudforms » Version: 3.0

cpe:2.3:a:redhat:cloudforms:3.0
Redhat » Cloudforms 3.0 Management Engine » Version: N/A

cpe:2.3:a:redhat:cloudforms_3.0_management_engine:-
Redhat » Cloudforms 3.0 Management Engine » Version: 5.2

cpe:2.3:a:redhat:cloudforms_3.0_management_engine:5.2
Redhat » Cloudforms 3.0 Management Engine » Version: 5.2.1

cpe:2.3:a:redhat:cloudforms_3.0_management_engine:5.2.1

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2013-6443

Products

Pricing

Contact Us