CVE-2016-8513

CWE-352 — Cross-Site Request Forgery (CSRF)3 documents3 sources

Severity

8.0HIGH

EPSS

0.2%

top 62.59%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

HP Version Control Repository Manager Hewlett Packard Enterprise Version Control Repository Manager (vcrm)

Timeline

PublishedFeb 15

Latest updateMay 14

Description

A Cross-Site Request Forgery (CSRF) vulnerability in HPE Version Control Repository Manager (VCRM) was found. The problem impacts all versions prior to 7.6.

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:HExploitability: 2.1 | Impact: 5.9

Affected Packages2 packages

▶CVEListV5hewlett_packard_enterprise/version_control_repository_manager_(vcrm)All versions prior to 7.6

▶NVDhp/version_control_repository_manager< 7.6

🔴Vulnerability Details

GHSA

GHSA-xc5j-8g2f-8j8q: A Cross-Site Request Forgery (CSRF) vulnerability in HPE Version Control Repository Manager (VCRM) was found↗2022-05-14

▶

CVEList

CVE-2016-8513: A Cross-Site Request Forgery (CSRF) vulnerability in HPE Version Control Repository Manager (VCRM) was found↗2018-02-15

▶