CVE-2010-0153: CSRF
First published: Tue Sep 14 2010(Updated: )
Multiple cross-site request forgery (CSRF) vulnerabilities in the Local Management Interface (LMI) on the IBM Proventia Network Mail Security System (PNMSS) appliance with firmware before 2.5.0.2 allow remote attackers to hijack the authentication of administrators for requests that (1) change settings or (2) conduct denial of service attacks.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Ibm Proventia Network Mail Security System Virtual Appliance | ||
| Ibm Proventia Network Mail Security System Virtual Appliance Firmware | =1.6 | |
| Ibm Proventia Network Mail Security System Virtual Appliance Firmware | =2.5 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- collector/nvd-historical
- collector/nvd-index
- agent/references
- agent/weakness
- agent/severity
- agent/author
- agent/description
- agent/type
- agent/event
- agent/last-modified-date
- agent/softwarecombine
- agent/first-publish-date
- agent/tags
- collector/mitre-cve
- source/MITRE
- vendor/ibm
- canonical/ibm proventia network mail security system virtual appliance
- canonical/ibm proventia network mail security system virtual appliance firmware
- version/ibm proventia network mail security system virtual appliance firmware/1.6
- version/ibm proventia network mail security system virtual appliance firmware/2.5