CVE-2008-5115
published 2008-11-18CVE-2008-5115: Cross-site request forgery (CSRF) vulnerability in Sun Java System Identity Manager 6.0 through 6.0 SP4, 7.0, and 7.1 allows remote attackers to hijack the…
medium6.8CVSS 3.1
AVNACMAuNCPIPAP
EXPLOIT
Cross-site request forgery (CSRF) vulnerability in Sun Java System Identity Manager 6.0 through 6.0 SP4, 7.0, and 7.1 allows remote attackers to hijack the authentication of administrators for requests that update the password via idm/admin/changeself.jsp.
Affected
3 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| sun | java_system_identity_manager | — | — |
| sun | java_system_identity_manager | — | — |
| sun | java_system_identity_manager | — | — |