Summary
This host is running Uniform Server and is prone to multiple Cross-Site Request Forgery vulnerabilities.
Impact
Successful exploitation will allow attackers to change the administrator's password by tricking a logged in administrator into visiting a malicious web site.
Impact Level: Application.
Solution
No solution or patch was made available for at least one year since disclosure of this vulnerability. Likely none will be provided anymore.
General solution options are to upgrade to a newer release, disable respective features, remove the product or replace the product by another one.
Insight
The application allows users to perform certain actions via HTTP requests without performing any validity checks to verify the requests.
Affected
Uniform Server version 5.6.5 and prior.
References
Severity
Classification
-
CVE CVE-2010-2113 -
CVSS Base Score: 3.5
AV:N/AC:M/Au:S/C:N/I:P/A:N
Related Vulnerabilities