CVE-2018-6496: MFSBGN03809 rev.1 - Universal CMDB, Deserialization Java Objects and CSRF
First published: Fri Jun 15 2018(Updated: )
Remote Cross-site Request forgery (CSRF) potential has been identified in UCMBD Browser version 4.10, 4.11, 4.12, 4.13, 4.14, 4.15, 4.15.1 which could allow for remote unsafe deserialization and cross-site request forgery (CSRF).
Credit: meissner@suse.de
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Microfocus Universal Cmbd Browser | >=4.10<=4.15.1 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- collector/nvd-index
- agent/type
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/references
- agent/last-modified-date
- agent/severity
- agent/title
- agent/weakness
- agent/author
- agent/first-publish-date
- agent/tags
- agent/description
- agent/event
- vendor/microfocus
- canonical/microfocus universal cmbd browser
- version/microfocus universal cmbd browser/4.10
- version/microfocus universal cmbd browser/4.15.1