It was found that the cookie used for CSRF prevention in Keycloak was not unique to each session. An attacker could use this flaw to gain access to an authenticated user session, leading to possible information disclosure or further attacks.
Max CVSS: 7.5; EPSS Score: 0.32%; Published: 2017-10-26; Updated: 2019-10-09
Cross-site request forgery (CSRF) vulnerability in Red Hat JBoss BRMS and BPMS 6 allows remote attackers to hijack the authentication of users for requests that modify instances via a crafted web page.
Max CVSS: 8.8; EPSS Score: 0.08%; Published: 2017-04-20; Updated: 2017-04-26
Cross-site request forgery (CSRF) vulnerability in pcsd web UI in pcs before 0.9.149.
Max CVSS: 8.8; EPSS Score: 0.21%; Published: 2017-04-21; Updated: 2023-02-12
Cross-site request forgery (CSRF) vulnerability in the jolokia API in A-MQ.
Max CVSS: 8.8; EPSS Score: 0.15%; Published: 2017-09-25; Updated: 2023-02-13
Cross-site request forgery (CSRF) vulnerability in the admin terminal in Hawt.io allows remote attackers to hijack the authentication of arbitrary users for requests that run commands on the Karaf server, as demonstrated by running "shutdown -f."
Max CVSS: 8.8; EPSS Score: 0.22%; Published: 2017-12-29; Updated: 2018-01-11
5 vulnerabilities found