CVE-2012-6493

Cross-site request forgery (CSRF) vulnerability in Rapid7 Nexpose Security Console before 5.5.4 allows remote attackers to hijack the authentication of unspecified victims for requests that delete scan data and sites via a request to data/site/delete.
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

OR cpe:2.3:a:rapid7:nexpose:*:*:*:*:*:*:*:*
cpe:2.3:a:rapid7:nexpose:5.5.1:*:*:*:*:*:*:*
cpe:2.3:a:rapid7:nexpose:5.4.12:*:*:*:*:*:*:*
cpe:2.3:a:rapid7:nexpose:5.4.11:*:*:*:*:*:*:*
cpe:2.3:a:rapid7:nexpose:5.4.10:*:*:*:*:*:*:*
cpe:2.3:a:rapid7:nexpose:5.4.5:*:*:*:*:*:*:*
cpe:2.3:a:rapid7:nexpose:5.4.4:*:*:*:*:*:*:*
cpe:2.3:a:rapid7:nexpose:5.4.3:*:*:*:*:*:*:*
cpe:2.3:a:rapid7:nexpose:5.4.2:*:*:*:*:*:*:*
cpe:2.3:a:rapid7:nexpose:5.4.9:*:*:*:*:*:*:*
cpe:2.3:a:rapid7:nexpose:5.4.7:*:*:*:*:*:*:*
cpe:2.3:a:rapid7:nexpose:5.4.1:*:*:*:*:*:*:*
cpe:2.3:a:rapid7:nexpose:5.4:*:*:*:*:*:*:*
cpe:2.3:a:rapid7:nexpose:5.4.8:*:*:*:*:*:*:*
cpe:2.3:a:rapid7:nexpose:5.4.6:*:*:*:*:*:*:*

Information

Published : 2014-02-04 14:55

Updated : 2014-02-24 14:17


NVD link : CVE-2012-6493

Mitre link : CVE-2012-6493


JSON object : View

CWE
CWE-352

Cross-Site Request Forgery (CSRF)

Advertisement

dedicated server usa

Products Affected

rapid7

  • nexpose