CVE-2012-1220

Published Feb 21, 2012
Last updated 7 years ago
CVSS info 6.8
Overview

Description: Cross-site request forgery (CSRF) vulnerability in modules/config/admin_utente.php in GAzie 5.20 and earlier allows remote attackers to hijack the authentication of administrators for requests that change account information via an update action, as demonstrated by changing the password.
Source: cve@mitre.org
NVD status: Modified
Risk scores

CVSS 2.0

Type: Primary
Base score: 6.8
Impact score: 6.4
Exploitability score: 8.6
Vector string: AV:N/AC:M/Au:N/C:P/I:P/A:P
Weaknesses

nvd@nist.gov: CWE-352
Hype score: Not currently trending
Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:devincentiis:gazie:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "ECFA9074-0A78-460C-9C41-060C464B7115",
            "versionEndIncluding": "5.20"
          },
          {
            "criteria": "cpe:2.3:a:devincentiis:gazie:2.0.7:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "1CDA31D7-FC26-4E4C-B032-B62C63594FDC"
          },
          {
            "criteria": "cpe:2.3:a:devincentiis:gazie:2.0.8:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9E407408-2103-45B1-8B91-39BF5A3B3BC0"
          },
          {
            "criteria": "cpe:2.3:a:devincentiis:gazie:2.0.9:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F37B5D86-A7AE-48AB-9689-F38979F2CD52"
          },
          {
            "criteria": "cpe:2.3:a:devincentiis:gazie:2.0.10:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "74E8510F-8138-4F84-8E91-1902E352C32A"
          },
          {
            "criteria": "cpe:2.3:a:devincentiis:gazie:2.0.11:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "AFAD7B4B-CCA3-4666-B50E-31BFB8A63276"
          },
          {
            "criteria": "cpe:2.3:a:devincentiis:gazie:2.0.12:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "CDD85041-5069-42DC-ACEE-9E98EB844282"
          },
          {
            "criteria": "cpe:2.3:a:devincentiis:gazie:2.0.13:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "88726711-C50D-4CA1-BE08-DB733C4BF9E7"
          },
          {
            "criteria": "cpe:2.3:a:devincentiis:gazie:2.0.14:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "757B8820-DF9C-4E30-9645-EA0BFDA7B77F"
          },
          {
            "criteria": "cpe:2.3:a:devincentiis:gazie:2.0.15:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C893B91B-8F48-4C9D-B08B-75CA2C00530F"
          },
          {
            "criteria": "cpe:2.3:a:devincentiis:gazie:3.0.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F885ECE9-D8D4-4030-B0D1-4D192BE8B0B5"
          },
          {
            "criteria": "cpe:2.3:a:devincentiis:gazie:3.0.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E091435D-BEAC-48AC-A4E3-1C7F11F82C64"
          },
          {
            "criteria": "cpe:2.3:a:devincentiis:gazie:3.0.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B9F1B925-2909-4191-B73F-6C5FE023F411"
          },
          {
            "criteria": "cpe:2.3:a:devincentiis:gazie:3.0.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "87D5B517-1AB8-4475-B9D3-9A418ED83EA5"
          },
          {
            "criteria": "cpe:2.3:a:devincentiis:gazie:3.0.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "45B23E3F-3436-4C7B-9230-E516989D58CE"
          },
          {
            "criteria": "cpe:2.3:a:devincentiis:gazie:3.0.5:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "6DAE6AFA-577D-429C-A735-F346E387C1EE"
          },
          {
            "criteria": "cpe:2.3:a:devincentiis:gazie:3.0.6:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9D1EEEAE-14B6-4A93-A1CF-D664C8757C92"
          },
          {
            "criteria": "cpe:2.3:a:devincentiis:gazie:3.0.7:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "8361C9A9-9BEF-4C59-8173-6E94DCD6A145"
          },
          {
            "criteria": "cpe:2.3:a:devincentiis:gazie:3.0.8:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C34A2CA3-CD98-4148-876F-F61493FC53F8"
          },
          {
            "criteria": "cpe:2.3:a:devincentiis:gazie:3.0.9:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A6B4F4E4-7895-4B07-A625-36FA2722B450"
          },
          {
            "criteria": "cpe:2.3:a:devincentiis:gazie:3.0.10:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A0C4DA82-D5F7-4E75-A745-E710E0FA8525"
          },
          {
            "criteria": "cpe:2.3:a:devincentiis:gazie:3.0.11:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "6DD477BC-2021-4262-A64A-0D3326EA691A"
          },
          {
            "criteria": "cpe:2.3:a:devincentiis:gazie:3.0.12:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F472B50D-1C4A-4B73-A2E4-A5567B3A3027"
          },
          {
            "criteria": "cpe:2.3:a:devincentiis:gazie:4.0.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "ED5DD26C-32B7-4196-838A-FFFCD6737E38"
          },
          {
            "criteria": "cpe:2.3:a:devincentiis:gazie:4.0.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "7F9805B7-28F2-4100-AD42-0818AD9F2FE8"
          },
          {
            "criteria": "cpe:2.3:a:devincentiis:gazie:4.0.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "FCC45695-5AA1-458E-8765-450EB09B434B"
          },
          {
            "criteria": "cpe:2.3:a:devincentiis:gazie:4.0.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B3491D62-CE6A-4079-A7E1-4D523B22F567"
          },
          {
            "criteria": "cpe:2.3:a:devincentiis:gazie:4.0.5:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "061B0E77-C71F-4CE7-9316-4669550B3FE0"
          },
          {
            "criteria": "cpe:2.3:a:devincentiis:gazie:4.0.6:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "3FE73501-F04A-43A6-A92D-B44FAA735AA9"
          },
          {
            "criteria": "cpe:2.3:a:devincentiis:gazie:4.0.7:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B1F11578-752C-4F40-A66C-8903D12540D9"
          },
          {
            "criteria": "cpe:2.3:a:devincentiis:gazie:4.0.8:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "723331E0-D0F1-4CE4-9C03-4E019F2AE78B"
          },
          {
            "criteria": "cpe:2.3:a:devincentiis:gazie:4.0.9:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "32B613A0-53E3-46CE-9A96-F61D5A2B1FE3"
          },
          {
            "criteria": "cpe:2.3:a:devincentiis:gazie:4.0.10:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "86E255CF-CAE5-4CE7-8C65-0A00D5951D94"
          },
          {
            "criteria": "cpe:2.3:a:devincentiis:gazie:4.0.11:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "BE2170F3-D972-4316-ABC0-F321027D5824"
          },
          {
            "criteria": "cpe:2.3:a:devincentiis:gazie:4.0.12:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "509B3378-1752-4FE9-A81B-B9CF58976D6D"
          },
          {
            "criteria": "cpe:2.3:a:devincentiis:gazie:4.0.13:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "EB969BBD-0CA2-44D1-A5D5-C2CD7C59F744"
          },
          {
            "criteria": "cpe:2.3:a:devincentiis:gazie:5.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C1248818-0F26-47C5-92E4-44AE8202D033"
          },
          {
            "criteria": "cpe:2.3:a:devincentiis:gazie:5.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "78C057F3-3E5F-4753-986E-A11D1AEEDA78"
          },
          {
            "criteria": "cpe:2.3:a:devincentiis:gazie:5.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "005A8D9F-A006-4B60-9730-40A0DC992629"
          },
          {
            "criteria": "cpe:2.3:a:devincentiis:gazie:5.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "749E201D-21F0-4BE7-8ECB-26AE30F495D1"
          },
          {
            "criteria": "cpe:2.3:a:devincentiis:gazie:5.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "5DDCE2C5-CDEF-4D39-B173-2713A3CD3B30"
          },
          {
            "criteria": "cpe:2.3:a:devincentiis:gazie:5.5:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "36D35B8E-513C-4EA2-A309-735638F493AF"
          },
          {
            "criteria": "cpe:2.3:a:devincentiis:gazie:5.6:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "48F9512E-B6B4-4B6F-8FD1-12F1FE276438"
          },
          {
            "criteria": "cpe:2.3:a:devincentiis:gazie:5.7:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B05E03E0-7A5F-4650-BB8C-C9E355587236"
          },
          {
            "criteria": "cpe:2.3:a:devincentiis:gazie:5.8:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "270C7D15-5D04-4088-978D-4A66DB4EEAA6"
          },
          {
            "criteria": "cpe:2.3:a:devincentiis:gazie:5.9:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "5F8C0C14-7252-44EF-BAD8-C11F608B5DFF"
          },
          {
            "criteria": "cpe:2.3:a:devincentiis:gazie:5.10:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "914DAB68-A1E0-4DA3-849D-57B6612EAF64"
          },
          {
            "criteria": "cpe:2.3:a:devincentiis:gazie:5.11:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "3B1C6DB7-75DC-4536-BCC2-913A2B211E04"
          },
          {
            "criteria": "cpe:2.3:a:devincentiis:gazie:5.12:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "24582AAE-C4E5-4198-876C-D63349E3B98D"
          },
          {
            "criteria": "cpe:2.3:a:devincentiis:gazie:5.13:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "5079CDB6-9232-4FD5-B808-8EAD47B8E293"
          },
          {
            "criteria": "cpe:2.3:a:devincentiis:gazie:5.14:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "31B6854E-324C-4509-ACD7-32350A7041D9"
          },
          {
            "criteria": "cpe:2.3:a:devincentiis:gazie:5.15:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B198B986-CDEA-43B3-BB85-AA30344FEF5C"
          },
          {
            "criteria": "cpe:2.3:a:devincentiis:gazie:5.16:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "5793EEB4-C302-4E72-9A71-63F4A906D3CB"
          },
          {
            "criteria": "cpe:2.3:a:devincentiis:gazie:5.17:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "AB2D1F64-9CD5-4C37-BFB5-956228B2A5EE"
          },
          {
            "criteria": "cpe:2.3:a:devincentiis:gazie:5.18:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "559633E2-FF3D-4CC4-BB70-994950CB57D1"
          },
          {
            "criteria": "cpe:2.3:a:devincentiis:gazie:5.19:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F358671C-E648-49C2-9F49-338EC4A2CA0F"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]
Overview

Risk scores

CVSS 2.0

Weaknesses

Social media

Configurations

References
