A Cross-Site Request Forgery issue was discovered in Meteocontrol WEB'log Basic 100 all versions, Light all versions, Pro all versions, and Pro Unlimited all versions. There is no CSRF Token generated per page or per function.
Metrics
Affected Vendors & Products
References
Link | Providers |
---|---|
https://ics-cert.us-cert.gov/advisories/ICSA-16-133-01 |
History
No history.
MITRE
Status: PUBLISHED
Assigner: icscert
Published: 2017-03-21T16:00:00
Updated: 2024-08-06T00:32:25.717Z
Reserved: 2016-05-05T00:00:00
Link: CVE-2016-4504
Vulnrichment
No data.
NVD
Status : Analyzed
Published: 2017-03-21T16:59:00.163
Modified: 2017-03-24T14:01:44.807
Link: CVE-2016-4504
Redhat
No data.