CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2015-4586

Cross-site request forgery (CSRF) vulnerability in Alcatel-Lucent CellPipe 7130 RG 5Ae.M2013 HOL with firmware 1.0.0.20h.HOL allows remote attackers to hijack the authentication of administrators for requests that create a user account via an add_user action in a request to password.cmd.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 31.5%

CVSS Severity

CVSS v2 Score 6.8

References

http://packetstormsecurity.com/files/132324/CellPipe-7130-Cross-Site-Request-Forgery.html
http://www.securityfocus.com/bid/75384
http://packetstormsecurity.com/files/132324/CellPipe-7130-Cross-Site-Request-Forgery.html
http://www.securityfocus.com/bid/75384

Products affected by CVE-2015-4586

Alcatel-Lucent » Cellpipe 7130 Rg 5ae.m2013 Hol » Version: Any

cpe:2.3:h:alcatel-lucent:cellpipe_7130_rg_5ae.m2013_hol:*
Alcatel-Lucent » Cellpipe 7130 Rg 5ae.m2013 Hol Firmware » Version: 1.0.0.20h.hol

cpe:2.3:o:alcatel-lucent:cellpipe_7130_rg_5ae.m2013_hol_firmware:1.0.0.20h.hol

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2015-4586

Products

Pricing

Contact Us