CVE-2016-4469 : Multiple cross-site request forgery (CSRF) vulnerabilities in Apache Archiva 1.3

Multiple cross-site request forgery (CSRF) vulnerabilities in Apache Archiva 1.3.9 and earlier allow remote attackers to hijack the authentication of administrators for requests that (1) add new repository proxy connectors via the token parameter to admin/addProxyConnector_commit.action, (2) new repositories via the token parameter to admin/addRepository_commit.action, (3) edit existing repositories via the token parameter to admin/editRepository_commit.action, (4) add legacy artifact paths via the token parameter to admin/addLegacyArtifactPath_commit.action, (5) change the organizational appearance via the token parameter to admin/saveAppearance.action, or (6) upload new artifacts via the token parameter to upload_submit.action.

Published 2016-07-28 16:59:00

Updated 2025-04-12 10:46:41

Source Red Hat, Inc.

View at NVD, CVE.org

Vulnerability category: Cross-site request forgery (CSRF)

Products affected by CVE-2016-4469

Apache » Archiva
Versions up to, including, (<=) 1.3.9
cpe:2.3:a:apache:archiva:*:*:*:*:*:*:*:*
Matching versions

Exploit prediction scoring system (EPSS) score for CVE-2016-4469

EPSS FAQ

0.86%

Probability of exploitation activity in the next 30 days EPSS Score History

~ 73 %

Percentile, the proportion of vulnerabilities that are scored at or less

CVSS scores for CVE-2016-4469

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source
6.8	MEDIUM	AV:N/AC:M/Au:N/C:P/I:P/A:P	8.6	6.4	NIST
Access Vector: Network Access Complexity: Medium Authentication: None Confidentiality Impact: Partial Integrity Impact: Partial Availability Impact: Partial
8.8	HIGH	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H	2.8	5.9	NIST
Attack Vector: Network Attack Complexity: Low Privileges Required: None User Interaction: Required Scope: Unchanged Confidentiality: High Integrity: High Availability: High

CWE ids for CVE-2016-4469

CWE-352 Cross-Site Request Forgery (CSRF)

The web application does not, or cannot, sufficiently verify whether a request was intentionally provided by the user who sent the request, which could have originated from an unauthorized actor.

Assigned by: nvd@nist.gov (Primary)

References for CVE-2016-4469

http://www.securitytracker.com/id/1036475

Apache Archiva Input Validation Flaws Let Remote Users Conduct Cross-Site Request Forgery and Cross-Site Scripting Attacks - SecurityTracker

CVEs referencing this url
https://www.exploit-db.com/exploits/40109/

Apache Archiva 1.3.9 - Multiple Cross-Site Request Forgery Vulnerabilities
http://seclists.org/fulldisclosure/2016/Jul/37

Full Disclosure: [RCESEC-2016-003][CVE-2016-4469] Apache Archiva 1.3.9 Multiple Cross-Site Request Forgeries
https://lists.apache.org/thread.html/ff8dcfe29377088ab655fda9d585dccd5b1f07fabd94ae84fd60a7f8@%3Ccommits.pulsar.apache.org%3E

[GitHub] [pulsar] one70six opened a new issue #4057: Security Vulnerabilities - Black Duck Scan - Pulsar v.2.3.1 - Pony Mail

CVEs referencing this url
http://www.securityfocus.com/archive/1/538877/100/0/threaded

SecurityFocus
https://lists.apache.org/thread.html/ff8dcfe29377088ab655fda9d585dccd5b1f07fabd94ae84fd60a7f8%40%3Ccommits.pulsar.apache.org%3E

[GitHub] [pulsar] one70six opened a new issue #4057: Security Vulnerabilities - Black Duck Scan - Pulsar v.2.3.1-Apache Mail Archives

CVEs referencing this url
http://www.securityfocus.com/bid/91703

Apache Archiva CVE-2016-4469 Multiple Cross-Site Request Forgery Vulnerabilities
http://packetstormsecurity.com/files/137869/Apache-Archiva-1.3.9-Cross-Site-Request-Forgery.html

Apache Archiva 1.3.9 Cross Site Request Forgery ≈ Packet Storm
Exploit;Third Party Advisory

Jump to

Vulnerability Details : CVE-2016-4469

Products affected by CVE-2016-4469

Exploit prediction scoring system (EPSS) score for CVE-2016-4469

CVSS scores for CVE-2016-4469

CWE ids for CVE-2016-4469

References for CVE-2016-4469