CVE-2015-2878: CSRF
First published: Mon Oct 23 2017(Updated: )
Multiple cross-site request forgery (CSRF) vulnerabilities in Hexis HawkEye G 3.0.1.4912 allow remote attackers to hijack the authentication of administrators for requests that (1) add arbitrary accounts via the name parameter to interface/rest/accounts/json; turn off the (2) Url matching, (3) DNS Inject, or (4) IP Redirect Sensor in a request to interface/rest/dpi/setEnabled/1; or (5) perform whitelisting of malware MD5 hash IDs via the id parameter to interface/rest/md5-threats/whitelist.
Credit: cret@cert.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Watchguard Hawkeye G | =3.0.1.4912 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2015-2878?
CVE-2015-2878 is classified as a medium severity vulnerability due to its potential for CSRF attacks against administrators.
How do I fix CVE-2015-2878?
To fix CVE-2015-2878, users should upgrade to a patched version of Hexis HawkEye G that addresses this CSRF vulnerability.
What kind of attacks can CVE-2015-2878 enable?
CVE-2015-2878 can enable remote attackers to hijack administrator authentication and perform unauthorized actions like adding accounts.
Which software versions are affected by CVE-2015-2878?
CVE-2015-2878 affects Hexis HawkEye G version 3.0.1.4912.
Is there a way to mitigate CVE-2015-2878?
Mitigation for CVE-2015-2878 includes implementing proper CSRF protections and user verification mechanisms.
- collector/nvd-index
- agent/type
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/severity
- agent/weakness
- agent/references
- agent/author
- agent/last-modified-date
- agent/tags
- agent/first-publish-date
- agent/event
- agent/description
- agent/source
- vendor/watchguard
- canonical/watchguard hawkeye g
- version/watchguard hawkeye g/3.0.1.4912