CVE-2010-2594

Published Jul 2, 2010
Last updated 3 months ago
CVSS info 6.8
Overview

Description: Multiple cross-site request forgery (CSRF) vulnerabilities in the web management interface in InterSect Alliance Snare Agent 3.2.3 and earlier on Solaris, Snare Agent 3.1.7 and earlier on Windows, Snare Agent 1.5.0 and earlier on Linux and AIX, Snare Agent 1.4 and earlier on IRIX, Snare Epilog 1.5.3 and earlier on Windows, and Snare Epilog 1.2 and earlier on UNIX allow remote attackers to hijack the authentication of administrators for requests that (1) change the password or (2) change the listening port.
Source: cve@mitre.org
NVD status: Modified
Risk scores

CVSS 2.0

Type: Primary
Base score: 6.8
Impact score: 6.4
Exploitability score: 8.6
Vector string: AV:N/AC:M/Au:N/C:P/I:P/A:P
Weaknesses

nvd@nist.gov: CWE-352
Hype score: Not currently trending
Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:intersect_alliance:snare_agent:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "89C72256-1076-4ADE-99FD-3211D4210571",
            "versionEndIncluding": "3.2.3"
          },
          {
            "criteria": "cpe:2.3:a:intersect_alliance:snare_agent:2.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "52F1E105-8DD0-4A70-B776-118C0AD297CD"
          },
          {
            "criteria": "cpe:2.3:a:intersect_alliance:snare_agent:2.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "90D62C11-8F19-4EA2-B69A-4AD59A285DC6"
          },
          {
            "criteria": "cpe:2.3:a:intersect_alliance:snare_agent:2.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9C12A8C4-BF04-4B1B-8B50-EF6E9BDB14F2"
          },
          {
            "criteria": "cpe:2.3:a:intersect_alliance:snare_agent:2.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "08EE9563-7416-4572-9B73-8D67F82DD2BC"
          },
          {
            "criteria": "cpe:2.3:a:intersect_alliance:snare_agent:2.5:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "36F767D0-6ACB-40AC-8260-0F43E1CB7332"
          },
          {
            "criteria": "cpe:2.3:a:intersect_alliance:snare_agent:2.5.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A2432243-5B6A-49B7-A18D-BF902872880B"
          },
          {
            "criteria": "cpe:2.3:a:intersect_alliance:snare_agent:2.5.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "776ADA38-8323-44FC-BB85-823BB31E0FE7"
          },
          {
            "criteria": "cpe:2.3:a:intersect_alliance:snare_agent:2.5.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "0C74F35D-5B2B-413B-8297-4F8EA65A0CC8"
          },
          {
            "criteria": "cpe:2.3:a:intersect_alliance:snare_agent:2.5.6:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "DDF910EF-2A69-4B43-B487-EF476412BFF7"
          },
          {
            "criteria": "cpe:2.3:a:intersect_alliance:snare_agent:2.5.7:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "316DADD7-21E6-4729-AE75-87DD21977E1E"
          },
          {
            "criteria": "cpe:2.3:a:intersect_alliance:snare_agent:3.0.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "23ED0D79-6929-4E77-96EB-3A4DA40E3E2A"
          },
          {
            "criteria": "cpe:2.3:a:intersect_alliance:snare_agent:3.1.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "55318889-CE1E-4C38-BC61-7A31F4C4502C"
          },
          {
            "criteria": "cpe:2.3:a:intersect_alliance:snare_agent:3.2.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "2B22AFA6-E731-49E4-91B7-8659B156D63A"
          },
          {
            "criteria": "cpe:2.3:a:intersect_alliance:snare_agent:3.2.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "526D1EBD-BBFA-42C7-96D6-5B24E447D6C5"
          },
          {
            "criteria": "cpe:2.3:a:intersect_alliance:snare_agent:3.2.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "5C0B63D1-6D64-4640-A0DA-4A0603456057"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:sun:solaris:*:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "469B74F2-4B89-42B8-8638-731E92D463B9"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:intersect_alliance:snare_agent:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E64BBC83-2C9E-4B35-ACF5-E4A0DD4CACB9",
            "versionEndIncluding": "3.1.7"
          },
          {
            "criteria": "cpe:2.3:a:intersect_alliance:snare_agent:3.0.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "23ED0D79-6929-4E77-96EB-3A4DA40E3E2A"
          },
          {
            "criteria": "cpe:2.3:a:intersect_alliance:snare_agent:3.1.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "55318889-CE1E-4C38-BC61-7A31F4C4502C"
          },
          {
            "criteria": "cpe:2.3:a:intersect_alliance:snare_agent:3.1.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "CE0B343C-3313-480E-AD50-8844C5EE3107"
          },
          {
            "criteria": "cpe:2.3:a:intersect_alliance:snare_agent:3.1.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "78246ED3-92E1-4036-B46E-391F398FD05D"
          },
          {
            "criteria": "cpe:2.3:a:intersect_alliance:snare_agent:3.1.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "307FF903-7722-4AE3-B36B-5ED492A0115E"
          },
          {
            "criteria": "cpe:2.3:a:intersect_alliance:snare_agent:3.1.5:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "AB68669D-D718-482A-BA8D-8231E9AA6D50"
          },
          {
            "criteria": "cpe:2.3:a:intersect_alliance:snare_agent:3.1.6:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "29DC5182-860C-4D2D-8427-E00A3D0B05F3"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:microsoft:windows_2000:*:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "4E545C63-FE9C-4CA1-AF0F-D999D84D2AFD"
          },
          {
            "criteria": "cpe:2.3:o:microsoft:windows_2003_server:*:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "60EC86B8-5C8C-4873-B364-FB1F8EFE1CFF"
          },
          {
            "criteria": "cpe:2.3:o:microsoft:windows_xp:*:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "E61F1C9B-44AF-4B35-A7B2-948EEF7639BD"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:intersect_alliance:snare_agent:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "0259B24D-3DB9-4A77-BF45-E392A548F4E9",
            "versionEndIncluding": "1.5.0"
          },
          {
            "criteria": "cpe:2.3:a:intersect_alliance:snare_agent:0.9.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D25BE641-7C32-4A45-9B3A-8517923B72ED"
          },
          {
            "criteria": "cpe:2.3:a:intersect_alliance:snare_agent:0.9.6:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "86A81EDD-98C2-41FA-B3ED-E846E4E287D0"
          },
          {
            "criteria": "cpe:2.3:a:intersect_alliance:snare_agent:0.9.7:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "ADE10B2C-41B5-47D3-AE56-874198DFE8EF"
          },
          {
            "criteria": "cpe:2.3:a:intersect_alliance:snare_agent:0.9.7a:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "FC197C77-DD26-43B2-9147-90B476E45891"
          },
          {
            "criteria": "cpe:2.3:a:intersect_alliance:snare_agent:0.9.8:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "94641156-1C85-42AB-B201-CE81432274BF"
          },
          {
            "criteria": "cpe:2.3:a:intersect_alliance:snare_agent:1.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B9D6CCDA-376C-402B-AC90-5578374B5461"
          },
          {
            "criteria": "cpe:2.3:a:intersect_alliance:snare_agent:1.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "43FC0A2E-F5F4-4334-8D76-AC097F7BA29B"
          },
          {
            "criteria": "cpe:2.3:a:intersect_alliance:snare_agent:1.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A301F579-FC14-4FF0-8383-A0E12B2D461F"
          },
          {
            "criteria": "cpe:2.3:a:intersect_alliance:snare_agent:1.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "2B093131-CABA-4B30-8A2F-E11F3E3D3E51"
          },
          {
            "criteria": "cpe:2.3:a:intersect_alliance:snare_agent:1.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "673EE9E4-8465-4659-B65E-5215B09732B8"
          },
          {
            "criteria": "cpe:2.3:a:intersect_alliance:snare_agent:1.4.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "0AB364B9-E2DB-4FEF-B53F-D3F014B48BDD"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:intersect_alliance:snare_agent:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "2A0A0446-6190-44B7-BE90-1B07A3A650D9",
            "versionEndIncluding": "1.4"
          },
          {
            "criteria": "cpe:2.3:a:intersect_alliance:snare_agent:1.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B9D6CCDA-376C-402B-AC90-5578374B5461"
          },
          {
            "criteria": "cpe:2.3:a:intersect_alliance:snare_agent:1.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A301F579-FC14-4FF0-8383-A0E12B2D461F"
          },
          {
            "criteria": "cpe:2.3:a:intersect_alliance:snare_agent:1.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "2B093131-CABA-4B30-8A2F-E11F3E3D3E51"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:sgi:irix:*:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "056B3397-81A9-4128-9F49-ECEBE1743EE8"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:intersect_alliance:snare_epilog:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "DDBAE0DE-4F29-45D5-9B9E-8C9D4D02BD31",
            "versionEndIncluding": "1.5.3"
          },
          {
            "criteria": "cpe:2.3:a:intersect_alliance:snare_epilog:1.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "49A8709F-5400-4946-B08E-7FF0812DB679"
          },
          {
            "criteria": "cpe:2.3:a:intersect_alliance:snare_epilog:1.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "8D1BF5FF-6148-49E1-B58B-E46EA24F7953"
          },
          {
            "criteria": "cpe:2.3:a:intersect_alliance:snare_epilog:1.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "883D033D-F5D4-4FFD-85F8-CE4054470362"
          },
          {
            "criteria": "cpe:2.3:a:intersect_alliance:snare_epilog:1.3.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B7231A15-25B7-4D09-B19E-676B2A8F98D0"
          },
          {
            "criteria": "cpe:2.3:a:intersect_alliance:snare_epilog:1.3.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "CBE17A5C-4ED8-4E9A-8E41-730F70D709E9"
          },
          {
            "criteria": "cpe:2.3:a:intersect_alliance:snare_epilog:1.4.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9552E0E7-6E7D-4807-9D9E-AF4956C47C61"
          },
          {
            "criteria": "cpe:2.3:a:intersect_alliance:snare_epilog:1.5.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "52003973-A127-4E33-899A-5533035CF445"
          },
          {
            "criteria": "cpe:2.3:a:intersect_alliance:snare_epilog:1.5.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C3F842B9-11DE-44DB-B49D-9927E28FE571"
          },
          {
            "criteria": "cpe:2.3:a:intersect_alliance:snare_epilog:1.5.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "3749470D-5AFD-4391-9CBD-B346CDF76B15"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:intersect_alliance:snare_epilog:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "2D371D01-1212-43AD-807A-871FDBC64C9E",
            "versionEndIncluding": "1.2"
          },
          {
            "criteria": "cpe:2.3:a:intersect_alliance:snare_epilog:1.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "49A8709F-5400-4946-B08E-7FF0812DB679"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:unix:unix:*:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "F7A7C398-5356-45D6-AA5C-53E63BC88DCA"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:intersect_alliance:snare_agent:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "0259B24D-3DB9-4A77-BF45-E392A548F4E9",
            "versionEndIncluding": "1.5.0"
          },
          {
            "criteria": "cpe:2.3:a:intersect_alliance:snare_agent:1.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B9D6CCDA-376C-402B-AC90-5578374B5461"
          },
          {
            "criteria": "cpe:2.3:a:intersect_alliance:snare_agent:1.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A301F579-FC14-4FF0-8383-A0E12B2D461F"
          },
          {
            "criteria": "cpe:2.3:a:intersect_alliance:snare_agent:1.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "2B093131-CABA-4B30-8A2F-E11F3E3D3E51"
          },
          {
            "criteria": "cpe:2.3:a:intersect_alliance:snare_agent:1.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "673EE9E4-8465-4659-B65E-5215B09732B8"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:ibm:aix:*:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "F7F01A55-7C37-4BAF-A4D4-61E8AC54FF79"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:intersect_alliance:snare_agent:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "BFC2625D-4978-4D3E-930F-7A4E1AE97832",
            "versionEndIncluding": "1.1.4"
          },
          {
            "criteria": "cpe:2.3:a:intersect_alliance:snare_agent:1.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B9D6CCDA-376C-402B-AC90-5578374B5461"
          },
          {
            "criteria": "cpe:2.3:a:intersect_alliance:snare_agent:1.0.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C3104865-CA72-4EA6-B12F-C1866B838C74"
          },
          {
            "criteria": "cpe:2.3:a:intersect_alliance:snare_agent:1.1.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F7BA01B6-7ABB-4A61-8349-CDF81B38016C"
          },
          {
            "criteria": "cpe:2.3:a:intersect_alliance:snare_agent:1.1.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "6D9262BE-6BD7-48D5-BE9E-66404F6B4C02"
          },
          {
            "criteria": "cpe:2.3:a:intersect_alliance:snare_agent:1.1.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "4BC22219-2F56-4562-B409-1F504A734064"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:microsoft:windows_7:*:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "D56B932B-9593-44E2-B610-E4EB2143EB21"
          },
          {
            "criteria": "cpe:2.3:o:microsoft:windows_server_2008:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "32623D48-7000-4C7D-823F-7D2A9841D88C"
          },
          {
            "criteria": "cpe:2.3:o:microsoft:windows_vista:*:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "3852BB02-47A1-40B3-8E32-8D8891A53114"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  }
]
Overview

Risk scores

CVSS 2.0

Weaknesses

Social media

Configurations

References
