CVE-2018-6497

CVSS v3.1

8.8

High

Vector

AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions UCMBD Server versions 10.20 through 11.0 CMS Server version 2018.05 BACKGROUND

Description A remote Cross-site Request forgery (CSRF) potential has been identified, which could allow for remote unsafe deserialization and cross-site request forgery (CSRF).

Recommendations For UCMBD Server versions 10.20 through 11.0, update to a version that includes the fix for this issue. For CMS Server version 2018.05 BACKGROUND, update to a version that includes the fix for this issue.

Fix

CSRF

Deserialization of Untrusted Data

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-352CWE-502

Related Identifiers

CVE-2018-6497

Affected Products

Cms Server

Ucmbd Server

CVE-2018-6497

Weakness Enumeration

Related Identifiers

Affected Products

References · 4