CVE-2009-0272
Published Feb 2, 2009
Last updated 6 years ago
Overview
- Description
- Cross-site request forgery (CSRF) vulnerability in Novell GroupWise WebAccess 6.5x, 7.0, 7.01, 7.02x, 7.03, 7.03HP1a, and 8.0 allows remote attackers to insert e-mail forwarding rules, and modify unspecified other configuration settings, as arbitrary users via unknown vectors.
- Source
- cve@mitre.org
- NVD status
- Modified
Social media
- Hype score
- Not currently trending
Risk scores
CVSS 2.0
- Type
- Primary
- Base score
- 6.8
- Impact score
- 6.4
- Exploitability score
- 8.6
- Vector string
- AV:N/AC:M/Au:N/C:P/I:P/A:P
Weaknesses
- nvd@nist.gov
- CWE-352
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:novell:groupwise:6.5:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "2AD18143-9962-4C0D-AD3D-66C0CF3FB5D0"
},
{
"criteria": "cpe:2.3:a:novell:groupwise:7.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "FE640E9A-762B-4AF4-8677-818CBF16EA4E"
},
{
"criteria": "cpe:2.3:a:novell:groupwise:7.01:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "86DB474F-D101-4210-9DC1-7230E9CAE80D"
},
{
"criteria": "cpe:2.3:a:novell:groupwise:7.02x:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "D861C5BE-825C-4EED-994A-9DE38AB6EA2A"
},
{
"criteria": "cpe:2.3:a:novell:groupwise:7.03:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "1D75C8A8-8162-4160-9295-2DA4D710AD58"
},
{
"criteria": "cpe:2.3:a:novell:groupwise:7.03:hp1a:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "84293DF8-D11D-4CB4-99EC-EB60AF027B8C"
},
{
"criteria": "cpe:2.3:a:novell:groupwise:8.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "C52E2ABC-20AE-437A-83B0-2E0753787FB5"
}
],
"operator": "OR"
}
]
}
]