CVE-2007-5259 — MEDIUM (4.3)

Vulnerability Description

Cross-site request forgery (CSRF) vulnerability in Ilient SysAid 4.5.03 and 4.5.04 allows remote attackers to perform some actions as administrators, as demonstrated by changing the administrator password. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.

CVSS Score

4.3

MEDIUM

AV:N/AC:M/Au:N/C:N/I:P/A:N

Confidentiality

NONE

Integrity

PARTIAL

Availability

NONE

Affected Products

Vendor	Product	Versions
Ilient	Sysaid	4.5.03

Related Weaknesses (CWE)

CWE-352

References

http://osvdb.org/37663
http://secunia.com/advisories/27026Vendor Advisory
http://www.securityfocus.com/bid/25885
http://osvdb.org/37663
http://secunia.com/advisories/27026Vendor Advisory
http://www.securityfocus.com/bid/25885

FAQ

What is CVE-2007-5259?

CVE-2007-5259 is a vulnerability with a CVSS score of 4.3 (MEDIUM). Cross-site request forgery (CSRF) vulnerability in Ilient SysAid 4.5.03 and 4.5.04 allows remote attackers to perform some actions as administrators, as demonstrated by changing the administrator pass...

How severe is CVE-2007-5259?

CVE-2007-5259 has been rated MEDIUM with a CVSS base score of 4.3/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2007-5259?

Check the references section above for vendor advisories and patch information. Affected products include: Ilient Sysaid.