Cross-site request forgery (CSRF) vulnerability in the admin terminal in Hawt.io allows remote attackers to hijack the authentication of arbitrary users for requests that run commands on the Karaf server, as demonstrated by running "shutdown -f."
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: redhat

Published: 2017-12-29T22:00:00

Updated: 2024-08-06T09:05:38.398Z

Reserved: 2013-12-03T00:00:00

Link: CVE-2014-0120

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2017-12-29T22:29:00.270

Modified: 2024-11-21T02:01:25.367

Link: CVE-2014-0120

cve-icon Redhat

Severity : Moderate

Publid Date: 2014-04-14T00:00:00Z

Links: CVE-2014-0120 - Bugzilla