VRDA Feed by JPCERT/CC
  Vulnerability Response Decision Assistance Feed : Information for vulnerability impact analysis
[ about VRDA Feed | JPCERT/CC



 
Vulnerability Analysis Result (Revision No : 1) [ Download XML
CVE-2010-2151
e-pares: Cross-site request forgery (CSRF) vulnerability in ...
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-2151

Original

Cross-site request forgery (CSRF) vulnerability in Fujitsu e-Pares V01 L01 V01 L01, L03, L10, L20, L30, and L40 allows remote attackers to hijack the authentication of users for requests that modify "facility reservation data" via unknown vectors.

Translation   (Show)





About This Analysis Information
Analysis Information Provider:
NIST NVD
First Published:
2010-06-03
Source Information Category:
Advisory, Alert
Last Updated:
2010-06-04




Affected Product Tags
cpe:/a:fujitsu:e-pares:l01
cpe:/a:fujitsu:e-pares:l03
cpe:/a:fujitsu:e-pares:l10
cpe:/a:fujitsu:e-pares:l20
cpe:/a:fujitsu:e-pares:l30
cpe:/a:fujitsu:e-pares:l40
cpe:/a:fujitsu:e-pares:v01
 


Vulnerability Analysis Results
[Access Vector]  [?]
Undefined [?]

Local [?]
Adjacent Network [?]
X Network [?]
[Access Complexit]  [?]
Undefined [?]

X High [?]
Medium [?]
Low [?]
[Authentication]  [?]
Undefined [?]

Multiple [?]
Single [?]
X None [?]
[Confidentiality Impact]  [?]
Undefined [?]

X None [?]
Partial [?]
Complete [?]
[Integrity Impact]  [?]
Undefined [?]

None [?]
X Partial [?]
Complete [?]
[Availability Impact]  [?]
Undefined [?]

X None [?]
Partial [?]
Complete [?]
Alternatives




References
BID 40517




CONFIRM http://software.fujitsu.com/jp/security/vulnerabilities/jvn-36925871-58439007-82465391.html




JVN JVN#82465391




JVNDB JVNDB-2010-000022




SECUNIA 40029




Vulnerability Type Cross-Site Request Forgery (CSRF) (CWE-352)




Copyright © 2010 JPCERT/CC All Rights Reserved.