PT-2016-5007 · Vmware · Vmware Vrealize Log Insight
Publicado
2016-07-03
·
Atualizado
2017-09-01
·
CVE-2016-2082
CVSS v3.1
8.8
Alta
| Vetor | AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
VMware vRealize Log Insight versions 2.x through 3.x before 3.3.2
Description
A cross-site request forgery (CSRF) issue allows remote attackers to hijack the authentication of victims via unknown vectors.
Recommendations
For versions 2.x through 3.x before 3.3.2, update to version 3.3.2 or later to resolve the issue.
Correção
CSRF
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Vmware Vrealize Log Insight