What is the severity of CVE-2012-2128?

CVE-2012-2128 is considered a moderate severity vulnerability due to the potential for unauthorized actions by an attacker.

How do I fix CVE-2012-2128?

To mitigate CVE-2012-2128, ensure you are using a patched version of DokuWiki that addresses this vulnerability.

Who is affected by CVE-2012-2128?

Administrators using DokuWiki version 2012-01-25 are at risk from the CVE-2012-2128 vulnerability.

What type of vulnerability is CVE-2012-2128?

CVE-2012-2128 is classified as a cross-site request forgery (CSRF) vulnerability.

Are there any workarounds for CVE-2012-2128?

Disabling remote access to administrative functions can serve as a temporary workaround for CVE-2012-2128.

Vulnerability/
CVE-2012-2128

medium

6.8

CWE

352 79

22/4/2012

27/8/2012

6/8/2024

CVE-2012-2128: CSRF

First published: Sun Apr 22 2012(Updated: )

** DISPUTED ** Cross-site request forgery (CSRF) vulnerability in doku.php in DokuWiki 2012-01-25 Angua allows remote attackers to hijack the authentication of administrators for requests that add arbitrary users. NOTE: this issue has been disputed by the vendor, who states that it is resultant from CVE-2012-2129: "the exploit code simply uses the XSS hole to extract a valid CSRF token."

Credit: secalert@redhat.com secalert@redhat.com

Affected Software	Affected Version	How to fix
DokuWiki	=2012-01-25

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2012-2128?
CVE-2012-2128 is considered a moderate severity vulnerability due to the potential for unauthorized actions by an attacker.
How do I fix CVE-2012-2128?
To mitigate CVE-2012-2128, ensure you are using a patched version of DokuWiki that addresses this vulnerability.
Who is affected by CVE-2012-2128?
Administrators using DokuWiki version 2012-01-25 are at risk from the CVE-2012-2128 vulnerability.
What type of vulnerability is CVE-2012-2128?
CVE-2012-2128 is classified as a cross-site request forgery (CSRF) vulnerability.
Are there any workarounds for CVE-2012-2128?
Disabling remote access to administrative functions can serve as a temporary workaround for CVE-2012-2128.

agent/type
agent/first-publish-date
agent/weakness
agent/references
collector/redhat-bugzilla
source/Red Hat
alias/CVE-2012-2128
agent/severity
agent/author
agent/status
agent/softwarecombine
agent/description
collector/mitre-cve
source/MITRE
agent/event
agent/last-modified-date
agent/source
agent/tags
collector/nvd-api
source/NVD
agent/software-canonical-lookup
agent/software-canonical-lookup-request
collector/nvd-index
vendor/andreas gohr
canonical/dokuwiki
version/dokuwiki/2012-01-25
status/disputed

Frequently Asked Questions

What is the severity of CVE-2012-2128?
CVE-2012-2128 is considered a moderate severity vulnerability due to the potential for unauthorized actions by an attacker.
How do I fix CVE-2012-2128?
To mitigate CVE-2012-2128, ensure you are using a patched version of DokuWiki that addresses this vulnerability.
Who is affected by CVE-2012-2128?
Administrators using DokuWiki version 2012-01-25 are at risk from the CVE-2012-2128 vulnerability.
What type of vulnerability is CVE-2012-2128?
CVE-2012-2128 is classified as a cross-site request forgery (CSRF) vulnerability.
Are there any workarounds for CVE-2012-2128?
Disabling remote access to administrative functions can serve as a temporary workaround for CVE-2012-2128.

CVE-2012-2128: CSRF

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2012-2128?

How do I fix CVE-2012-2128?

Who is affected by CVE-2012-2128?

What type of vulnerability is CVE-2012-2128?

Are there any workarounds for CVE-2012-2128?

Company

Resources

Contact

Frequently Asked Questions

What is the severity of CVE-2012-2128?

How do I fix CVE-2012-2128?

Who is affected by CVE-2012-2128?

What type of vulnerability is CVE-2012-2128?

Are there any workarounds for CVE-2012-2128?