Multiple cross-site request forgery (CSRF) vulnerabilities in the web management interface in InterSect Alliance Snare Agent 3.2.3 and earlier on Solaris, Snare Agent 3.1.7 and earlier on Windows, Snare Agent 1.5.0 and earlier on Linux and AIX, Snare Agent 1.4 and earlier on IRIX, Snare Epilog 1.5.3 and earlier on Windows, and Snare Epilog 1.2 and earlier on UNIX allow remote attackers to hijack the authentication of administrators for requests that (1) change the password or (2) change the listening port.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2010-07-01T18:00:00Z

Updated: 2024-09-16T22:02:22.454Z

Reserved: 2010-07-01T00:00:00Z

Link: CVE-2010-2594

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2010-07-02T12:43:52.970

Modified: 2024-11-21T01:16:57.990

Link: CVE-2010-2594

cve-icon Redhat

No data.