CVE-2010-2594

{"id": "CVE-2010-2594", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 6.8, "accessVector": "NETWORK", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "MEDIUM", "availabilityImpact": "PARTIAL", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 6.4, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 8.6, "obtainUserPrivilege": false, "obtainOtherPrivilege": true, "userInteractionRequired": true}]}, "published": "2010-07-02T12:43:52.970", "references": [{"url": "http://holisticinfosec.org/content/view/144/45/", "source": "cve@mitre.org"}, {"url": "http://secunia.com/advisories/39562", "tags": ["Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "http://www.kb.cert.org/vuls/id/173009", "tags": ["US Government Resource"], "source": "cve@mitre.org"}, {"url": "http://www.securityfocus.com/bid/41226", "source": "cve@mitre.org"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-352"}]}], "descriptions": [{"lang": "en", "value": "Multiple cross-site request forgery (CSRF) vulnerabilities in the web management interface in InterSect Alliance Snare Agent 3.2.3 and earlier on Solaris, Snare Agent 3.1.7 and earlier on Windows, Snare Agent 1.5.0 and earlier on Linux and AIX, Snare Agent 1.4 and earlier on IRIX, Snare Epilog 1.5.3 and earlier on Windows, and Snare Epilog 1.2 and earlier on UNIX allow remote attackers to hijack the authentication of administrators for requests that (1) change the password or (2) change the listening port."}, {"lang": "es", "value": "M\u00faltiples vulnerabilidades de falsificaci\u00f3n de petici\u00f3n en sitios cruzados (CSRF) en la interfaz de gesti\u00f3n Web de InterSect Alliance Snare Agent v3.2.3 y anteriores en Solaris, Snare Agent v3.1.7 y anteriores en Windows, Snare Agent v1.5.0 y anteriores en Linux y AIX, Snare Agent v1.4 y anteriores en IRIX, Snare Epilog v1.5.3 y anteriores en Windows, y Snare Epilog v1.2 y anteriores en UNIX permiten a atacantes remotos secuestrar la autenticaci\u00f3n de los administradores para solicitudes que (1) modifiquen la contrase\u00f1a o (2) cambien el puerto de escucha."}], "lastModified": "2010-07-02T12:43:52.970", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:intersect_alliance:snare_agent:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "89C72256-1076-4ADE-99FD-3211D4210571", "versionEndIncluding": "3.2.3"}, {"criteria": "cpe:2.3:a:intersect_alliance:snare_agent:2.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "52F1E105-8DD0-4A70-B776-118C0AD297CD"}, {"criteria": "cpe:2.3:a:intersect_alliance:snare_agent:2.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "90D62C11-8F19-4EA2-B69A-4AD59A285DC6"}, {"criteria": "cpe:2.3:a:intersect_alliance:snare_agent:2.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9C12A8C4-BF04-4B1B-8B50-EF6E9BDB14F2"}, {"criteria": "cpe:2.3:a:intersect_alliance:snare_agent:2.4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "08EE9563-7416-4572-9B73-8D67F82DD2BC"}, {"criteria": "cpe:2.3:a:intersect_alliance:snare_agent:2.5:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "36F767D0-6ACB-40AC-8260-0F43E1CB7332"}, {"criteria": "cpe:2.3:a:intersect_alliance:snare_agent:2.5.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A2432243-5B6A-49B7-A18D-BF902872880B"}, {"criteria": "cpe:2.3:a:intersect_alliance:snare_agent:2.5.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "776ADA38-8323-44FC-BB85-823BB31E0FE7"}, {"criteria": "cpe:2.3:a:intersect_alliance:snare_agent:2.5.4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0C74F35D-5B2B-413B-8297-4F8EA65A0CC8"}, {"criteria": "cpe:2.3:a:intersect_alliance:snare_agent:2.5.6:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "DDF910EF-2A69-4B43-B487-EF476412BFF7"}, {"criteria": "cpe:2.3:a:intersect_alliance:snare_agent:2.5.7:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "316DADD7-21E6-4729-AE75-87DD21977E1E"}, {"criteria": "cpe:2.3:a:intersect_alliance:snare_agent:3.0.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "23ED0D79-6929-4E77-96EB-3A4DA40E3E2A"}, {"criteria": "cpe:2.3:a:intersect_alliance:snare_agent:3.1.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "55318889-CE1E-4C38-BC61-7A31F4C4502C"}, {"criteria": "cpe:2.3:a:intersect_alliance:snare_agent:3.2.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2B22AFA6-E731-49E4-91B7-8659B156D63A"}, {"criteria": "cpe:2.3:a:intersect_alliance:snare_agent:3.2.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "526D1EBD-BBFA-42C7-96D6-5B24E447D6C5"}, {"criteria": "cpe:2.3:a:intersect_alliance:snare_agent:3.2.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5C0B63D1-6D64-4640-A0DA-4A0603456057"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:sun:solaris:*:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "469B74F2-4B89-42B8-8638-731E92D463B9"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:intersect_alliance:snare_agent:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E64BBC83-2C9E-4B35-ACF5-E4A0DD4CACB9", "versionEndIncluding": "3.1.7"}, {"criteria": "cpe:2.3:a:intersect_alliance:snare_agent:3.0.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "23ED0D79-6929-4E77-96EB-3A4DA40E3E2A"}, {"criteria": "cpe:2.3:a:intersect_alliance:snare_agent:3.1.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "55318889-CE1E-4C38-BC61-7A31F4C4502C"}, {"criteria": "cpe:2.3:a:intersect_alliance:snare_agent:3.1.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "CE0B343C-3313-480E-AD50-8844C5EE3107"}, {"criteria": "cpe:2.3:a:intersect_alliance:snare_agent:3.1.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "78246ED3-92E1-4036-B46E-391F398FD05D"}, {"criteria": "cpe:2.3:a:intersect_alliance:snare_agent:3.1.4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "307FF903-7722-4AE3-B36B-5ED492A0115E"}, {"criteria": "cpe:2.3:a:intersect_alliance:snare_agent:3.1.5:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "AB68669D-D718-482A-BA8D-8231E9AA6D50"}, {"criteria": "cpe:2.3:a:intersect_alliance:snare_agent:3.1.6:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "29DC5182-860C-4D2D-8427-E00A3D0B05F3"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:microsoft:windows_2000:*:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "4E545C63-FE9C-4CA1-AF0F-D999D84D2AFD"}, {"criteria": "cpe:2.3:o:microsoft:windows_2003_server:*:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "60EC86B8-5C8C-4873-B364-FB1F8EFE1CFF"}, {"criteria": "cpe:2.3:o:microsoft:windows_xp:*:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "E61F1C9B-44AF-4B35-A7B2-948EEF7639BD"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:intersect_alliance:snare_agent:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0259B24D-3DB9-4A77-BF45-E392A548F4E9", "versionEndIncluding": "1.5.0"}, {"criteria": "cpe:2.3:a:intersect_alliance:snare_agent:0.9.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D25BE641-7C32-4A45-9B3A-8517923B72ED"}, {"criteria": "cpe:2.3:a:intersect_alliance:snare_agent:0.9.6:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "86A81EDD-98C2-41FA-B3ED-E846E4E287D0"}, {"criteria": "cpe:2.3:a:intersect_alliance:snare_agent:0.9.7:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "ADE10B2C-41B5-47D3-AE56-874198DFE8EF"}, {"criteria": "cpe:2.3:a:intersect_alliance:snare_agent:0.9.7a:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "FC197C77-DD26-43B2-9147-90B476E45891"}, {"criteria": "cpe:2.3:a:intersect_alliance:snare_agent:0.9.8:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "94641156-1C85-42AB-B201-CE81432274BF"}, {"criteria": "cpe:2.3:a:intersect_alliance:snare_agent:1.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B9D6CCDA-376C-402B-AC90-5578374B5461"}, {"criteria": "cpe:2.3:a:intersect_alliance:snare_agent:1.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "43FC0A2E-F5F4-4334-8D76-AC097F7BA29B"}, {"criteria": "cpe:2.3:a:intersect_alliance:snare_agent:1.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A301F579-FC14-4FF0-8383-A0E12B2D461F"}, {"criteria": "cpe:2.3:a:intersect_alliance:snare_agent:1.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2B093131-CABA-4B30-8A2F-E11F3E3D3E51"}, {"criteria": "cpe:2.3:a:intersect_alliance:snare_agent:1.4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "673EE9E4-8465-4659-B65E-5215B09732B8"}, {"criteria": "cpe:2.3:a:intersect_alliance:snare_agent:1.4.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0AB364B9-E2DB-4FEF-B53F-D3F014B48BDD"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:linux:linux:*:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "0CB340E1-C27D-4D36-A3B3-ABAB84667A53"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:intersect_alliance:snare_agent:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2A0A0446-6190-44B7-BE90-1B07A3A650D9", "versionEndIncluding": "1.4"}, {"criteria": "cpe:2.3:a:intersect_alliance:snare_agent:1.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B9D6CCDA-376C-402B-AC90-5578374B5461"}, {"criteria": "cpe:2.3:a:intersect_alliance:snare_agent:1.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A301F579-FC14-4FF0-8383-A0E12B2D461F"}, {"criteria": "cpe:2.3:a:intersect_alliance:snare_agent:1.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2B093131-CABA-4B30-8A2F-E11F3E3D3E51"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:sgi:irix:*:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "056B3397-81A9-4128-9F49-ECEBE1743EE8"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:intersect_alliance:snare_epilog:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "DDBAE0DE-4F29-45D5-9B9E-8C9D4D02BD31", "versionEndIncluding": "1.5.3"}, {"criteria": "cpe:2.3:a:intersect_alliance:snare_epilog:1.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "49A8709F-5400-4946-B08E-7FF0812DB679"}, {"criteria": "cpe:2.3:a:intersect_alliance:snare_epilog:1.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8D1BF5FF-6148-49E1-B58B-E46EA24F7953"}, {"criteria": "cpe:2.3:a:intersect_alliance:snare_epilog:1.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "883D033D-F5D4-4FFD-85F8-CE4054470362"}, {"criteria": "cpe:2.3:a:intersect_alliance:snare_epilog:1.3.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B7231A15-25B7-4D09-B19E-676B2A8F98D0"}, {"criteria": "cpe:2.3:a:intersect_alliance:snare_epilog:1.3.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "CBE17A5C-4ED8-4E9A-8E41-730F70D709E9"}, {"criteria": "cpe:2.3:a:intersect_alliance:snare_epilog:1.4.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9552E0E7-6E7D-4807-9D9E-AF4956C47C61"}, {"criteria": "cpe:2.3:a:intersect_alliance:snare_epilog:1.5.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "52003973-A127-4E33-899A-5533035CF445"}, {"criteria": "cpe:2.3:a:intersect_alliance:snare_epilog:1.5.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C3F842B9-11DE-44DB-B49D-9927E28FE571"}, {"criteria": "cpe:2.3:a:intersect_alliance:snare_epilog:1.5.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3749470D-5AFD-4391-9CBD-B346CDF76B15"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:intersect_alliance:snare_epilog:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2D371D01-1212-43AD-807A-871FDBC64C9E", "versionEndIncluding": "1.2"}, {"criteria": "cpe:2.3:a:intersect_alliance:snare_epilog:1.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "49A8709F-5400-4946-B08E-7FF0812DB679"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:unix:unix:*:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "F7A7C398-5356-45D6-AA5C-53E63BC88DCA"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:intersect_alliance:snare_agent:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0259B24D-3DB9-4A77-BF45-E392A548F4E9", "versionEndIncluding": "1.5.0"}, {"criteria": "cpe:2.3:a:intersect_alliance:snare_agent:1.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B9D6CCDA-376C-402B-AC90-5578374B5461"}, {"criteria": "cpe:2.3:a:intersect_alliance:snare_agent:1.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A301F579-FC14-4FF0-8383-A0E12B2D461F"}, {"criteria": "cpe:2.3:a:intersect_alliance:snare_agent:1.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2B093131-CABA-4B30-8A2F-E11F3E3D3E51"}, {"criteria": "cpe:2.3:a:intersect_alliance:snare_agent:1.4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "673EE9E4-8465-4659-B65E-5215B09732B8"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:ibm:aix:*:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "F7F01A55-7C37-4BAF-A4D4-61E8AC54FF79"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:intersect_alliance:snare_agent:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "BFC2625D-4978-4D3E-930F-7A4E1AE97832", "versionEndIncluding": "1.1.4"}, {"criteria": "cpe:2.3:a:intersect_alliance:snare_agent:1.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B9D6CCDA-376C-402B-AC90-5578374B5461"}, {"criteria": "cpe:2.3:a:intersect_alliance:snare_agent:1.0.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C3104865-CA72-4EA6-B12F-C1866B838C74"}, {"criteria": "cpe:2.3:a:intersect_alliance:snare_agent:1.1.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F7BA01B6-7ABB-4A61-8349-CDF81B38016C"}, {"criteria": "cpe:2.3:a:intersect_alliance:snare_agent:1.1.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6D9262BE-6BD7-48D5-BE9E-66404F6B4C02"}, {"criteria": "cpe:2.3:a:intersect_alliance:snare_agent:1.1.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4BC22219-2F56-4562-B409-1F504A734064"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:microsoft:windows_7:*:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "D56B932B-9593-44E2-B610-E4EB2143EB21"}, {"criteria": "cpe:2.3:o:microsoft:windows_server_2008:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "32623D48-7000-4C7D-823F-7D2A9841D88C"}, {"criteria": "cpe:2.3:o:microsoft:windows_vista:*:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "3852BB02-47A1-40B3-8E32-8D8891A53114"}], "operator": "OR"}], "operator": "AND"}], "sourceIdentifier": "cve@mitre.org"}