{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2012-09-26T00:00:00", "descriptions": [{"lang": "en", "value": "Multiple cross-site request forgery (CSRF) vulnerabilities in the web interface in Cerberus FTP Server before 5.0.5.0 allow remote attackers to hijack the authentication of administrators for requests that (1) add a user account or (2) reconfigure the state of the FTP service, as demonstrated by a request to usermanager/users/modify."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2013-02-07T10:00:00", "orgId": "37e5125f-f79b-445b-8fad-9564f167944b", "shortName": "certcc"}, "references": [{"name": "VU#989684", "tags": ["third-party-advisory", "x_refsource_CERT-VN"], "url": "http://www.kb.cert.org/vuls/id/989684"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://www.cerberusftp.com/products/releasenotes.html"}, {"name": "55788", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/55788"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cert@cert.org", "ID": "CVE-2012-2999", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Multiple cross-site request forgery (CSRF) vulnerabilities in the web interface in Cerberus FTP Server before 5.0.5.0 allow remote attackers to hijack the authentication of administrators for requests that (1) add a user account or (2) reconfigure the state of the FTP service, as demonstrated by a request to usermanager/users/modify."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "VU#989684", "refsource": "CERT-VN", "url": "http://www.kb.cert.org/vuls/id/989684"}, {"name": "http://www.cerberusftp.com/products/releasenotes.html", "refsource": "CONFIRM", "url": "http://www.cerberusftp.com/products/releasenotes.html"}, {"name": "55788", "refsource": "BID", "url": "http://www.securityfocus.com/bid/55788"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-06T19:50:05.454Z"}, "title": "CVE Program Container", "references": [{"name": "VU#989684", "tags": ["third-party-advisory", "x_refsource_CERT-VN", "x_transferred"], "url": "http://www.kb.cert.org/vuls/id/989684"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://www.cerberusftp.com/products/releasenotes.html"}, {"name": "55788", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/55788"}]}]}, "cveMetadata": {"assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b", "assignerShortName": "certcc", "cveId": "CVE-2012-2999", "datePublished": "2012-10-04T19:00:00", "dateReserved": "2012-05-30T00:00:00", "dateUpdated": "2024-08-06T19:50:05.454Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:cerberusftp:ftp_server:*:*:*:*:*:*:*:*", "matchCriteriaId": "F54BD273-3356-4EB7-A5D1-1018E5A4D58C", "versionEndIncluding": "5.0.4.3", "vulnerable": true}, {"criteria": "cpe:2.3:a:cerberusftp:ftp_server:1.0:-:*:*:*:*:*:*", "matchCriteriaId": "B584BB0D-C9F0-42E4-8CB2-F7AFB31884A6", "vulnerable": true}, {"criteria": "cpe:2.3:a:cerberusftp:ftp_server:1.01:*:*:*:*:*:*:*", "matchCriteriaId": "E35C53A7-91D6-46F3-B294-07FCB721AF05", "vulnerable": true}, {"criteria": "cpe:2.3:a:cerberusftp:ftp_server:1.1:*:*:*:*:*:*:*", "matchCriteriaId": "664176FA-1775-46AF-9EA2-3B5C96A36A05", "vulnerable": true}, {"criteria": "cpe:2.3:a:cerberusftp:ftp_server:1.2:*:*:*:*:*:*:*", "matchCriteriaId": "D6D98E88-557E-4249-8D30-4F1EE7ECE5C5", "vulnerable": true}, {"criteria": "cpe:2.3:a:cerberusftp:ftp_server:1.02:*:*:*:*:*:*:*", "matchCriteriaId": "7097C6AD-6BE7-4267-9C88-E097A0CFC0EC", "vulnerable": true}, {"criteria": "cpe:2.3:a:cerberusftp:ftp_server:1.03:*:*:*:*:*:*:*", "matchCriteriaId": "80EB8701-85F8-4BA5-8A93-1B47E655B8B9", "vulnerable": true}, {"criteria": "cpe:2.3:a:cerberusftp:ftp_server:1.5:*:*:*:*:*:*:*", "matchCriteriaId": "207A3423-BE63-4B3A-BC28-8643048C096F", "vulnerable": true}, {"criteria": "cpe:2.3:a:cerberusftp:ftp_server:1.05:*:*:*:*:*:*:*", "matchCriteriaId": "91BB1247-BE77-4075-B6AE-5E28A3D9B594", "vulnerable": true}, {"criteria": "cpe:2.3:a:cerberusftp:ftp_server:1.6:beta:*:*:*:*:*:*", "matchCriteriaId": "D69CDFCD-ACA9-42E9-BBD8-90F6A69E4468", "vulnerable": true}, {"criteria": "cpe:2.3:a:cerberusftp:ftp_server:1.7:*:*:*:*:*:*:*", "matchCriteriaId": "9590014E-7F1A-4799-80FE-9041192D3CBB", "vulnerable": true}, {"criteria": "cpe:2.3:a:cerberusftp:ftp_server:1.22:*:*:*:*:*:*:*", "matchCriteriaId": "67B56FFF-E508-476D-B2AD-24DC999F3582", "vulnerable": true}, {"criteria": "cpe:2.3:a:cerberusftp:ftp_server:1.71:*:*:*:*:*:*:*", "matchCriteriaId": "CA0854BD-2D96-403C-BB22-BC1BE162E241", "vulnerable": true}, {"criteria": "cpe:2.3:a:cerberusftp:ftp_server:2.0:*:*:*:*:*:*:*", "matchCriteriaId": "1B36CD14-4E0E-4238-9AEA-37D879F995A2", "vulnerable": true}, {"criteria": "cpe:2.3:a:cerberusftp:ftp_server:2.0:beta1:*:*:*:*:*:*", "matchCriteriaId": "3B0F42BB-61DB-4268-9092-05052D478AB2", "vulnerable": true}, {"criteria": "cpe:2.3:a:cerberusftp:ftp_server:2.0:beta2:*:*:*:*:*:*", "matchCriteriaId": "819A6EF5-107C-47DF-BFFD-5BA29428F280", "vulnerable": true}, {"criteria": "cpe:2.3:a:cerberusftp:ftp_server:2.0:beta3:*:*:*:*:*:*", "matchCriteriaId": "117D42CD-F063-41CD-AABF-A0C96E35D838", "vulnerable": true}, {"criteria": "cpe:2.3:a:cerberusftp:ftp_server:2.0:beta4:*:*:*:*:*:*", "matchCriteriaId": "62D032F0-28E2-4EB2-A3DC-67413BF08C4D", "vulnerable": true}, {"criteria": "cpe:2.3:a:cerberusftp:ftp_server:2.1:*:*:*:*:*:*:*", "matchCriteriaId": "5EEDD9AC-75E7-49F3-9362-D4B99A944C3A", "vulnerable": true}, {"criteria": "cpe:2.3:a:cerberusftp:ftp_server:2.01:*:*:*:*:*:*:*", "matchCriteriaId": "9B1DCA79-73FA-46D4-AF57-074373DE7503", "vulnerable": true}, {"criteria": "cpe:2.3:a:cerberusftp:ftp_server:2.02:*:*:*:*:*:*:*", "matchCriteriaId": "80D47E85-BB68-4C4D-8888-25422AC4B76D", "vulnerable": true}, {"criteria": "cpe:2.3:a:cerberusftp:ftp_server:2.2:*:*:*:*:*:*:*", "matchCriteriaId": "7E842263-7AF3-463D-814D-F63199F3C21B", "vulnerable": true}, {"criteria": "cpe:2.3:a:cerberusftp:ftp_server:2.02:beta:*:*:*:*:*:*", "matchCriteriaId": "C63CED4F-F823-4310-AD78-11B5C82167E2", "vulnerable": true}, {"criteria": "cpe:2.3:a:cerberusftp:ftp_server:2.2:beta1:*:*:*:*:*:*", "matchCriteriaId": "3445BC51-DB9F-4E14-B0DE-806FBCD9641E", "vulnerable": true}, {"criteria": "cpe:2.3:a:cerberusftp:ftp_server:2.2:beta2:*:*:*:*:*:*", "matchCriteriaId": "B7454163-9481-4CBD-85CB-9C6798181E05", "vulnerable": true}, {"criteria": "cpe:2.3:a:cerberusftp:ftp_server:2.2:beta3:*:*:*:*:*:*", "matchCriteriaId": "3F169EEB-89E1-4248-A185-38433D1A8573", "vulnerable": true}, {"criteria": "cpe:2.3:a:cerberusftp:ftp_server:2.3:*:*:*:*:*:*:*", "matchCriteriaId": "AD5D97C7-5A06-44EF-BF46-F5DE3C30F16E", "vulnerable": true}, {"criteria": "cpe:2.3:a:cerberusftp:ftp_server:2.4:*:*:*:*:*:*:*", "matchCriteriaId": "DC1FA9C0-77D0-403C-ADED-7D9E89BFFC96", "vulnerable": true}, {"criteria": "cpe:2.3:a:cerberusftp:ftp_server:2.4:beta1:*:*:*:*:*:*", "matchCriteriaId": "C4B7B5AB-3C5E-4D9A-816C-892FD4DA3284", "vulnerable": true}, {"criteria": "cpe:2.3:a:cerberusftp:ftp_server:2.4:beta2:*:*:*:*:*:*", "matchCriteriaId": "EBF4BA1E-5B31-42FD-897A-455FDF9C0A15", "vulnerable": true}, {"criteria": "cpe:2.3:a:cerberusftp:ftp_server:2.4:beta3:*:*:*:*:*:*", "matchCriteriaId": "FCE4860E-8A9F-4E38-81DC-291F317E8700", "vulnerable": true}, {"criteria": "cpe:2.3:a:cerberusftp:ftp_server:2.11:*:*:*:*:*:*:*", "matchCriteriaId": "35F0613F-FD01-4E57-BD8F-181DC14A948C", "vulnerable": true}, {"criteria": "cpe:2.3:a:cerberusftp:ftp_server:2.11:beta:*:*:*:*:*:*", "matchCriteriaId": "620FAAEE-A52D-4710-BCB0-3D07F1453BF8", "vulnerable": true}, {"criteria": "cpe:2.3:a:cerberusftp:ftp_server:2.11:beta2:*:*:*:*:*:*", "matchCriteriaId": "FBE8B552-FA88-4C5C-9296-6BC9908E3F2C", "vulnerable": true}, {"criteria": "cpe:2.3:a:cerberusftp:ftp_server:2.15:*:*:*:*:*:*:*", "matchCriteriaId": "B752D925-6A84-4885-A697-D868C06B1E25", "vulnerable": true}, {"criteria": "cpe:2.3:a:cerberusftp:ftp_server:2.15:beta:*:*:*:*:*:*", "matchCriteriaId": "29440529-9BDA-4738-853E-85E54CB951C3", "vulnerable": true}, {"criteria": "cpe:2.3:a:cerberusftp:ftp_server:2.16:*:*:*:*:*:*:*", "matchCriteriaId": "8C3E6A73-0475-46AB-9B88-690A39D3E411", "vulnerable": true}, {"criteria": "cpe:2.3:a:cerberusftp:ftp_server:2.21:*:*:*:*:*:*:*", "matchCriteriaId": "1CF2C736-C686-4501-A4AE-227ABC218EBF", "vulnerable": true}, {"criteria": "cpe:2.3:a:cerberusftp:ftp_server:2.22:*:*:*:*:*:*:*", "matchCriteriaId": "1F59FE48-F91C-45FD-BB3C-4F5186C430D5", "vulnerable": true}, {"criteria": "cpe:2.3:a:cerberusftp:ftp_server:2.23:beta:*:*:*:*:*:*", "matchCriteriaId": "EEA0F5DF-228C-4F01-8A8F-90A9A6FBDF10", "vulnerable": true}, {"criteria": "cpe:2.3:a:cerberusftp:ftp_server:2.31:*:*:*:*:*:*:*", "matchCriteriaId": "9D0D9A2E-6B38-437F-B89C-AC7546057B6A", "vulnerable": true}, {"criteria": "cpe:2.3:a:cerberusftp:ftp_server:2.32:*:*:*:*:*:*:*", "matchCriteriaId": "2093E888-B80F-4318-AD14-CE0295E3B0E7", "vulnerable": true}, {"criteria": "cpe:2.3:a:cerberusftp:ftp_server:2.41:*:*:*:*:*:*:*", "matchCriteriaId": "E6B0C7F7-9349-4AC9-8D74-E2C8AB1F0C13", "vulnerable": true}, {"criteria": "cpe:2.3:a:cerberusftp:ftp_server:2.42:*:*:*:*:*:*:*", "matchCriteriaId": "23B56CAD-6783-46E5-A82D-EB2A14A8A354", "vulnerable": true}, {"criteria": "cpe:2.3:a:cerberusftp:ftp_server:2.43:*:*:*:*:*:*:*", "matchCriteriaId": "14182912-05FE-4CD3-B457-6EFF91D8DF42", "vulnerable": true}, {"criteria": "cpe:2.3:a:cerberusftp:ftp_server:2.44:*:*:*:*:*:*:*", "matchCriteriaId": "2B06481D-2BB9-4A56-AE8B-1A264B4EE207", "vulnerable": true}, {"criteria": "cpe:2.3:a:cerberusftp:ftp_server:2.45:*:*:*:*:*:*:*", "matchCriteriaId": "FB03F569-A146-4D9D-B065-46D95BE8FDF8", "vulnerable": true}, {"criteria": "cpe:2.3:a:cerberusftp:ftp_server:2.46:*:*:*:*:*:*:*", "matchCriteriaId": "543E96D3-6882-405C-9E9C-0B36D426C0F7", "vulnerable": true}, {"criteria": "cpe:2.3:a:cerberusftp:ftp_server:2.47:*:*:*:*:*:*:*", "matchCriteriaId": "C87C96DD-5302-45CB-B95D-3D174420CE99", "vulnerable": true}, {"criteria": "cpe:2.3:a:cerberusftp:ftp_server:2.48:*:*:*:*:*:*:*", "matchCriteriaId": "C8F27A27-2596-4562-B739-083EBF272763", "vulnerable": true}, {"criteria": "cpe:2.3:a:cerberusftp:ftp_server:2.49:*:*:*:*:*:*:*", "matchCriteriaId": "01A7296B-F5F4-43E2-8527-304EEA996629", "vulnerable": true}, {"criteria": "cpe:2.3:a:cerberusftp:ftp_server:2.50:*:*:*:*:*:*:*", "matchCriteriaId": "1ABED3D7-4B80-46D8-88F4-0F66510D2E2B", "vulnerable": true}, {"criteria": "cpe:2.3:a:cerberusftp:ftp_server:3.0:*:*:*:*:*:*:*", "matchCriteriaId": "6BC21599-EB4C-49CD-A046-13148102E43F", "vulnerable": true}, {"criteria": "cpe:2.3:a:cerberusftp:ftp_server:3.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "363BB778-0C5C-4FEC-BC82-250C026BDE06", "vulnerable": true}, {"criteria": "cpe:2.3:a:cerberusftp:ftp_server:3.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "0761D7FE-1EB2-4D94-BD38-2F7B8AA8970B", "vulnerable": true}, {"criteria": "cpe:2.3:a:cerberusftp:ftp_server:3.0.3:*:*:*:*:*:*:*", "matchCriteriaId": "883FE03E-555B-49E7-BECA-8554F05D007E", "vulnerable": true}, {"criteria": "cpe:2.3:a:cerberusftp:ftp_server:3.0.4:*:*:*:*:*:*:*", "matchCriteriaId": "E9C71CB9-59D4-44BC-BD79-2E3004D3A1C3", "vulnerable": true}, {"criteria": "cpe:2.3:a:cerberusftp:ftp_server:3.0.5:*:*:*:*:*:*:*", "matchCriteriaId": "5512BB61-B912-407F-8398-E49D05B2887C", "vulnerable": true}, {"criteria": "cpe:2.3:a:cerberusftp:ftp_server:3.0.6:*:*:*:*:*:*:*", "matchCriteriaId": "BDC63773-FBA3-45CF-95DC-AE86D621217E", "vulnerable": true}, {"criteria": "cpe:2.3:a:cerberusftp:ftp_server:3.0.7:*:*:*:*:*:*:*", "matchCriteriaId": "9EF37E3B-B1E3-4200-9A5B-34FCBFAC830A", "vulnerable": true}, {"criteria": "cpe:2.3:a:cerberusftp:ftp_server:3.0.7.1:*:*:*:*:*:*:*", "matchCriteriaId": "4BF3E234-FB2A-4906-A3E2-E08A8BCDB1BF", "vulnerable": true}, {"criteria": "cpe:2.3:a:cerberusftp:ftp_server:3.0.8:*:*:*:*:*:*:*", "matchCriteriaId": "074DDB0D-D55A-4BB5-AF54-82AE2453AB0F", "vulnerable": true}, {"criteria": "cpe:2.3:a:cerberusftp:ftp_server:3.1:*:*:*:*:*:*:*", "matchCriteriaId": "A7816C89-2D67-463E-B2B7-B4ACEB24F89B", "vulnerable": true}, {"criteria": "cpe:2.3:a:cerberusftp:ftp_server:3.1.0.3:*:*:*:*:*:*:*", "matchCriteriaId": "9CC79111-1B16-4C8D-BEF3-578789D7F662", "vulnerable": true}, {"criteria": "cpe:2.3:a:cerberusftp:ftp_server:3.1.0.4:*:*:*:*:*:*:*", "matchCriteriaId": "D846F22D-3BED-4D12-8B0D-99AF20FF1FA8", "vulnerable": true}, {"criteria": "cpe:2.3:a:cerberusftp:ftp_server:3.1.0.5:*:*:*:*:*:*:*", "matchCriteriaId": "0EC052F4-074D-4A1C-ACF9-628782345430", "vulnerable": true}, {"criteria": "cpe:2.3:a:cerberusftp:ftp_server:3.1.1:*:*:*:*:*:*:*", "matchCriteriaId": "B0923BF4-AC10-4DC0-BF1B-6AE80D5C51B4", "vulnerable": true}, {"criteria": "cpe:2.3:a:cerberusftp:ftp_server:3.1.2:*:*:*:*:*:*:*", "matchCriteriaId": "CE2E29B7-BB38-430B-949A-EDCA45833CCE", "vulnerable": true}, {"criteria": "cpe:2.3:a:cerberusftp:ftp_server:3.1.3:*:*:*:*:*:*:*", "matchCriteriaId": "1AE9FE3C-8ED8-4CDA-B032-42BEB08C446D", "vulnerable": true}, {"criteria": "cpe:2.3:a:cerberusftp:ftp_server:3.1.3.1:*:*:*:*:*:*:*", "matchCriteriaId": "39D76CD3-EBAB-4847-A570-D2C0C5B0DC7F", "vulnerable": true}, {"criteria": "cpe:2.3:a:cerberusftp:ftp_server:3.1.4:*:*:*:*:*:*:*", "matchCriteriaId": "837B942E-8815-4C27-ABF1-4B3131C3CFD8", "vulnerable": true}, {"criteria": "cpe:2.3:a:cerberusftp:ftp_server:4.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "3F3EBCA3-E786-49CB-8CAF-34D35D4A3C83", "vulnerable": true}, {"criteria": "cpe:2.3:a:cerberusftp:ftp_server:4.0.0.6:*:*:*:*:*:*:*", "matchCriteriaId": "FB613A86-7837-4C5B-9194-3238D9BD2F45", "vulnerable": true}, {"criteria": "cpe:2.3:a:cerberusftp:ftp_server:4.0.0.8:*:*:*:*:*:*:*", "matchCriteriaId": "018B6603-904D-42FA-B1C3-6EAD3CE6B8E3", "vulnerable": true}, {"criteria": "cpe:2.3:a:cerberusftp:ftp_server:4.0.0.9:*:*:*:*:*:*:*", "matchCriteriaId": "A2738E91-6B27-4918-8CFD-FB17685D431A", "vulnerable": true}, {"criteria": "cpe:2.3:a:cerberusftp:ftp_server:4.0.0.11:*:*:*:*:*:*:*", "matchCriteriaId": "BA7BCD1A-8EC9-4527-AA66-A3C109D6064C", "vulnerable": true}, {"criteria": "cpe:2.3:a:cerberusftp:ftp_server:4.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "A46EFDE2-8E57-4102-8DC0-F8D626D5C052", "vulnerable": true}, {"criteria": "cpe:2.3:a:cerberusftp:ftp_server:4.0.1.1:*:*:*:*:*:*:*", "matchCriteriaId": "281FCCA7-0558-4230-A295-43D8588103A7", "vulnerable": true}, {"criteria": "cpe:2.3:a:cerberusftp:ftp_server:4.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "EB7F85EE-3412-467E-A3B5-D9828CBCE31C", "vulnerable": true}, {"criteria": "cpe:2.3:a:cerberusftp:ftp_server:4.0.2.2:*:*:*:*:*:*:*", "matchCriteriaId": "FBE639D4-7B95-4E0A-8E34-A33D25F7EFB9", "vulnerable": true}, {"criteria": "cpe:2.3:a:cerberusftp:ftp_server:5.0.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "7E2E1E01-7F35-4ABA-9105-ECBB68899485", "vulnerable": true}, {"criteria": "cpe:2.3:a:cerberusftp:ftp_server:5.0.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "53024BD3-68C8-4C0B-BC6A-47B495094FFC", "vulnerable": true}, {"criteria": "cpe:2.3:a:cerberusftp:ftp_server:5.0.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "D5022CA1-F5D4-430F-AFEA-52575FDCD7E1", "vulnerable": true}, {"criteria": "cpe:2.3:a:cerberusftp:ftp_server:5.0.0.3:*:*:*:*:*:*:*", "matchCriteriaId": "14FC2D7A-34EB-4C56-BE7E-B131DBA817B5", "vulnerable": true}, {"criteria": "cpe:2.3:a:cerberusftp:ftp_server:5.0.0.4:*:*:*:*:*:*:*", "matchCriteriaId": "B911C27F-79B8-4362-99F1-A54A50CB2BF7", "vulnerable": true}, {"criteria": "cpe:2.3:a:cerberusftp:ftp_server:5.0.0.5:*:*:*:*:*:*:*", "matchCriteriaId": "F1EFBAB9-CE22-41A2-8F31-322DD10B06E6", "vulnerable": true}, {"criteria": "cpe:2.3:a:cerberusftp:ftp_server:5.0.0.6:*:*:*:*:*:*:*", "matchCriteriaId": "5B4BDBF7-337C-4CC0-8C9B-062CA6B1C254", "vulnerable": true}, {"criteria": "cpe:2.3:a:cerberusftp:ftp_server:5.0.0.7:*:*:*:*:*:*:*", "matchCriteriaId": "3AECC625-FB34-468D-8FE9-B47C06F964F0", "vulnerable": true}, {"criteria": "cpe:2.3:a:cerberusftp:ftp_server:5.0.1.0:*:*:*:*:*:*:*", "matchCriteriaId": "7BEF8406-AABD-4662-A120-DB62B4777FCD", "vulnerable": true}, {"criteria": "cpe:2.3:a:cerberusftp:ftp_server:5.0.1.1:*:*:*:*:*:*:*", "matchCriteriaId": "F391EB76-A9CC-4E3F-8174-980FCB715847", "vulnerable": true}, {"criteria": "cpe:2.3:a:cerberusftp:ftp_server:5.0.1.2:*:*:*:*:*:*:*", "matchCriteriaId": "C05E2DDE-FD5A-4BDB-BDE4-8E2B0C26F77F", "vulnerable": true}, {"criteria": "cpe:2.3:a:cerberusftp:ftp_server:5.0.2.0:*:*:*:*:*:*:*", "matchCriteriaId": "A695B11F-7EA3-4F25-9235-806132131EF1", "vulnerable": true}, {"criteria": "cpe:2.3:a:cerberusftp:ftp_server:5.0.3.0:*:*:*:*:*:*:*", "matchCriteriaId": "765B829B-78E8-4D5D-B0BF-70E6E6896FF4", "vulnerable": true}, {"criteria": "cpe:2.3:a:cerberusftp:ftp_server:5.0.3.1:*:*:*:*:*:*:*", "matchCriteriaId": "588137BE-E566-4265-8AF8-BB0AF4F3AC88", "vulnerable": true}, {"criteria": "cpe:2.3:a:cerberusftp:ftp_server:5.0.4.0:*:*:*:*:*:*:*", "matchCriteriaId": "8CD056AD-E033-457E-879C-59E113347606", "vulnerable": true}, {"criteria": "cpe:2.3:a:cerberusftp:ftp_server:5.0.4.1:*:*:*:*:*:*:*", "matchCriteriaId": "3185B882-BA96-47F2-BFB3-15F54B87B30D", "vulnerable": true}, {"criteria": "cpe:2.3:a:cerberusftp:ftp_server:5.0.4.2:*:*:*:*:*:*:*", "matchCriteriaId": "3394D029-0A78-4F60-BEBE-B00F52145B95", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Multiple cross-site request forgery (CSRF) vulnerabilities in the web interface in Cerberus FTP Server before 5.0.5.0 allow remote attackers to hijack the authentication of administrators for requests that (1) add a user account or (2) reconfigure the state of the FTP service, as demonstrated by a request to usermanager/users/modify."}, {"lang": "es", "value": "M\u00faltiples vulnerabilidades de falsificaci\u00f3n de petici\u00f3n en sitios cruzados (CSRF) en el interfase web de Cerberus FTP Server anteriores a v5.0.5.0, permite a atacantes remotos secuestrar la autenticaci\u00f3n de los administradores para peticiones que (1) (1) a\u00f1adan una cuenta de usuario o (2) reconfiguren el estado del servicio FTP, como se demostr\u00f3 por una petici\u00f3n sobre usermanager/users/modify."}], "id": "CVE-2012-2999", "lastModified": "2013-02-07T04:56:24.360", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true}]}, "published": "2012-10-04T19:55:00.790", "references": [{"source": "cret@cert.org", "url": "http://www.cerberusftp.com/products/releasenotes.html"}, {"source": "cret@cert.org", "tags": ["US Government Resource"], "url": "http://www.kb.cert.org/vuls/id/989684"}, {"source": "cret@cert.org", "url": "http://www.securityfocus.com/bid/55788"}], "sourceIdentifier": "cret@cert.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-352"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}