CVE-2013-6443
published 2014-01-23CVE-2013-6443: CloudForms 3.0 Management Engine before 5.2.1.6 allows remote attackers to bypass the Ruby on Rails protect_from_forgery mechanism and conduct cross-site…
medium6.8CVSS 3.1
AVNACMAuNCPIPAP
CloudForms 3.0 Management Engine before 5.2.1.6 allows remote attackers to bypass the Ruby on Rails protect_from_forgery mechanism and conduct cross-site request forgery (CSRF) attacks via a destructive action in a request.
Affected
3 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| redhat | cloudforms | — | — |
| redhat | cloudforms_3.0_management_engine | <= 5.2.1 | — |
| redhat | cloudforms_3.0_management_engine | — | — |