Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
6.8
CVSSv2

CVE-2010-2594

Published: 02/07/2010 Updated: 02/07/2010
CVSS v2 Base Score: 6.8 | Impact Score: 6.4 | Exploitability Score: 8.6
VMScore: 605
Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P
Subscribe to Intersect Alliance

Vulnerability Summary

Multiple cross-site request forgery (CSRF) vulnerabilities in the web management interface in InterSect Alliance Snare Agent 3.2.3 and previous versions on Solaris, Snare Agent 3.1.7 and previous versions on Windows, Snare Agent 1.5.0 and previous versions on Linux and AIX, Snare Agent 1.4 and previous versions on IRIX, Snare Epilog 1.5.3 and previous versions on Windows, and Snare Epilog 1.2 and previous versions on UNIX allow remote malicious users to hijack the authentication of administrators for requests that (1) change the password or (2) change the listening port.

Vulnerable Product Search on Vulmon Subscribe to Product

intersect_alliance snare_agent

intersect_alliance snare_agent 3.0.0

intersect_alliance snare_agent 2.5.6

intersect_alliance snare_agent 2.1

intersect_alliance snare_agent 2.5.3

intersect_alliance snare_agent 2.5.2

intersect_alliance snare_agent 2.5

intersect_alliance snare_agent 2.4

intersect_alliance snare_agent 3.2.2

intersect_alliance snare_agent 3.2.1

intersect_alliance snare_agent 3.2.0

intersect_alliance snare_agent 3.1.0

intersect_alliance snare_agent 2.5.7

intersect_alliance snare_agent 2.5.4

intersect_alliance snare_agent 2.3

intersect_alliance snare_agent 2.0

intersect_alliance snare_agent 3.1.4

intersect_alliance snare_agent 3.1.2

intersect_alliance snare_agent 3.1.6

intersect_alliance snare_agent 3.1.5

intersect_alliance snare_agent 3.1.3

intersect_alliance snare_agent 1.1

intersect_alliance snare_agent 0.9.8

intersect_alliance snare_agent 0.9.7

intersect_alliance snare_agent 0.9.6

intersect_alliance snare_agent 0.9.2

intersect_alliance snare_agent 1.4.1

intersect_alliance snare_agent 1.4

intersect_alliance snare_agent 1.3

intersect_alliance snare_agent 1.2

intersect_alliance snare_agent 1.0

intersect_alliance snare_agent 0.9.7a

intersect_alliance snare_epilog 1.3.1

intersect_alliance snare_epilog 1.2

intersect_alliance snare_epilog 1.5.2

intersect_alliance snare_epilog 1.5.1

intersect_alliance snare_epilog 1.5.0

intersect_alliance snare_epilog 1.4.0

intersect_alliance snare_epilog 1.3.3

intersect_alliance snare_epilog

intersect_alliance snare_epilog 1.3

intersect_alliance snare_epilog 1.1

intersect_alliance snare_agent 1.1.1

intersect_alliance snare_agent 1.0.1

intersect_alliance snare_agent 1.1.2

intersect_alliance snare_agent 1.1.0

References

CWE-352http://www.securityfocus.com/bid/41226http://holisticinfosec.org/content/view/144/45/http://www.kb.cert.org/vuls/id/173009http://secunia.com/advisories/39562https://nvd.nist.gov
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-7028memory leaklog injectionCVE-2024-3400CVE-2022-48695CVE-2022-48675CVE-2024-34487CVE-2024-33792spoof
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook