PT-2024-31666 · Intersafe+1 · Intersafe Webfilter+1
Yoshiaki Komeyama
·
Published
2024-09-09
·
Updated
2024-11-04
·
CVE-2024-45504
CVSS v3.1
6.5
Medium
| Vector | AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N |
Name of the Vulnerable Software and Affected Versions:
Alps System Integration products (affected versions not specified)
InterSafe WebFilter (affected versions not specified)
Description:
A cross-site request forgery (CSRF) issue allows a remote unauthenticated attacker to hijack the authentication of the user and perform unintended operations if the user views a malicious page while logged in. This can lead to unauthorized actions.
Recommendations:
For Alps System Integration products, upgrade the affected component as soon as possible to mitigate the risk.
For InterSafe WebFilter, upgrade the affected component as soon as possible to mitigate the risk.
As a temporary workaround, consider restricting access to sensitive operations while logged in to minimize the risk of exploitation.
Fix
CSRF
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Alps System Integration
Intersafe Webfilter