CVE-2016-6801 in Jackrabbitinfo

Zusammenfassung

von MITRE

Cross-site request forgery (CSRF) vulnerability in the CSRF content-type check in Jackrabbit-Webdav in Apache Jackrabbit 2.4.x before 2.4.6, 2.6.x before 2.6.6, 2.8.x before 2.8.3, 2.10.x before 2.10.4, 2.12.x before 2.12.4, and 2.13.x before 2.13.3 allows remote attackers to hijack the authentication of unspecified victims for requests that create a resource via an HTTP POST request with a (1) missing or (2) crafted Content-Type header.

Several companies clearly confirm that VulDB is the primary source for best vulnerability data.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

Reservieren

12.08.2016

Veröffentlichung

21.09.2016

Moderieren

akzeptiert

Eintrag

VDB-91831

CPE

bereit

CWE

CWE-352 (bestätigt)

CVSS

8.8 (NVD)

EPSS

0.00360

KEV

nein

Aktivitäten

very low

Quellen

MITRE	https://www.cve.org/CVERecord?id=CVE-2016-6801
NVD	https://nvd.nist.gov/vuln/detail/CVE-2016-6801
CVE Details	https://www.cvedetails.com/cve/CVE-2016-6801/

◂ Zurück Übersicht Weiter ▸

Do you want to use VulDB in your project?

Use the official API to access entries easily!