CVE-2009-0468 - OpenCVE

Multiple cross-site request forgery (CSRF) vulnerabilities in ajax.html in Profense Web Application Firewall 2.6.2 and 2.6.3 allow remote attackers to hijack the authentication of administrators for requests that (1) shutdown the server, (2) send ping packets, (3) enable network services, (4) configure a proxy server, and (5) modify other settings via parameters in the query string.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

AV:N/AC:M/Au:N/C:P/I:P/A:P

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Armorlogic	Profense Web Application Firewall

Configuration 1 [-]

OR	cpe:2.3:a:armorlogic:profense_web_application_firewall:2.6.2:::::::*
	cpe:2.3:a:armorlogic:profense_web_application_firewall:2.6.3:::::::*

No data.

References

Link	Providers
http://osvdb.org/51660
http://secunia.com/advisories/33739
http://www.securityfocus.com/bid/33523
https://www.exploit-db.com/exploits/7919

History

No history.

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2009-02-06T01:00:00

Updated: 2024-08-07T04:31:26.253Z

Reserved: 2009-02-05T00:00:00

Link: CVE-2009-0468

Vulnrichment

No data.

NVD

Status : Modified

Published: 2009-02-10T07:00:24.767

Modified: 2017-09-29T01:33:50.013

Link: CVE-2009-0468

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2009-01-29T00:00:00", "descriptions": [{"lang": "en", "value": "Multiple cross-site request forgery (CSRF) vulnerabilities in ajax.html in Profense Web Application Firewall 2.6.2 and 2.6.3 allow remote attackers to hijack the authentication of administrators for requests that (1) shutdown the server, (2) send ping packets, (3) enable network services, (4) configure a proxy server, and (5) modify other settings via parameters in the query string."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2017-09-28T12:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "33523", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/33523"}, {"name": "51660", "tags": ["vdb-entry", "x_refsource_OSVDB"], "url": "http://osvdb.org/51660"}, {"name": "7919", "tags": ["exploit", "x_refsource_EXPLOIT-DB"], "url": "https://www.exploit-db.com/exploits/7919"}, {"name": "33739", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/33739"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2009-0468", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Multiple cross-site request forgery (CSRF) vulnerabilities in ajax.html in Profense Web Application Firewall 2.6.2 and 2.6.3 allow remote attackers to hijack the authentication of administrators for requests that (1) shutdown the server, (2) send ping packets, (3) enable network services, (4) configure a proxy server, and (5) modify other settings via parameters in the query string."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "33523", "refsource": "BID", "url": "http://www.securityfocus.com/bid/33523"}, {"name": "51660", "refsource": "OSVDB", "url": "http://osvdb.org/51660"}, {"name": "7919", "refsource": "EXPLOIT-DB", "url": "https://www.exploit-db.com/exploits/7919"}, {"name": "33739", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/33739"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-07T04:31:26.253Z"}, "title": "CVE Program Container", "references": [{"name": "33523", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/33523"}, {"name": "51660", "tags": ["vdb-entry", "x_refsource_OSVDB", "x_transferred"], "url": "http://osvdb.org/51660"}, {"name": "7919", "tags": ["exploit", "x_refsource_EXPLOIT-DB", "x_transferred"], "url": "https://www.exploit-db.com/exploits/7919"}, {"name": "33739", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/33739"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2009-0468", "datePublished": "2009-02-06T01:00:00", "dateReserved": "2009-02-05T00:00:00", "dateUpdated": "2024-08-07T04:31:26.253Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:armorlogic:profense_web_application_firewall:2.6.2:*:*:*:*:*:*:*", "matchCriteriaId": "AF7652A0-5B0C-481B-95E5-577D26590D59", "vulnerable": true}, {"criteria": "cpe:2.3:a:armorlogic:profense_web_application_firewall:2.6.3:*:*:*:*:*:*:*", "matchCriteriaId": "A8D2FE52-2198-4F06-A733-C9157501BDA9", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Multiple cross-site request forgery (CSRF) vulnerabilities in ajax.html in Profense Web Application Firewall 2.6.2 and 2.6.3 allow remote attackers to hijack the authentication of administrators for requests that (1) shutdown the server, (2) send ping packets, (3) enable network services, (4) configure a proxy server, and (5) modify other settings via parameters in the query string."}, {"lang": "es", "value": "M\u00faltiples vulnerabilidades de tipo cross-site request forgery (CSRF) en el archivo ajax.html en Profense Web Application Firewall versiones 2.6.2 y 2.6.3, permiten a los atacantes remotos secuestrar la autenticaci\u00f3n de administradores para peticiones que (1) apagan el servidor, (2) env\u00edan paquetes de ping, (3) habilitan servicios de red, (4) configuran un servidor proxy y (5) modifican otras configuraciones por medio de par\u00e1metros en la cadena de consulta."}], "id": "CVE-2009-0468", "lastModified": "2017-09-29T01:33:50.013", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": true, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true}]}, "published": "2009-02-10T07:00:24.767", "references": [{"source": "cve@mitre.org", "url": "http://osvdb.org/51660"}, {"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/33739"}, {"source": "cve@mitre.org", "tags": ["Exploit"], "url": "http://www.securityfocus.com/bid/33523"}, {"source": "cve@mitre.org", "url": "https://www.exploit-db.com/exploits/7919"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-352"}], "source": "nvd@nist.gov", "type": "Primary"}]}