PT-2010-3761 · Fujitsu · E-Pares

Akihide Yamatani

Published

2010-06-03

Updated

2010-06-04

CVE-2010-2151

CVSS v2.0

2.6

Low

Vector

AV:N/AC:H/Au:N/C:N/I:P/A:N

Name of the Vulnerable Software and Affected Versions Fujitsu e-Pares versions V01 L01, V01 L03, V01 L10, V01 L20, V01 L30, V01 L40

Description A cross-site request forgery (CSRF) issue allows remote attackers to hijack user authentication for requests that modify facility reservation data.

Recommendations For versions V01 L01, V01 L03, V01 L10, V01 L20, V01 L30, V01 L40, at the moment, there is no information about a newer version that contains a fix for this issue.

Fix

CSRF

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-352

Related Identifiers

CVE-2010-2151

Affected Products

E-Pares

PT-2010-3761 · Fujitsu · E-Pares

CVE-2010-2151

Weakness Enumeration

Related Identifiers

Affected Products

References · 6