CVE-2014-2659
Published Apr 22, 2014
Last updated 7 years ago
Overview
- Description
- Cross-site request forgery (CSRF) vulnerability in the admin UI in Papercut MF and NG before 14.1 (Build 26983) allows remote attackers to hijack the authentication of administrators via unspecified vectors.
- Source
- cve@mitre.org
- NVD status
- Modified
Social media
- Hype score
- Not currently trending
Risk scores
CVSS 2.0
- Type
- Primary
- Base score
- 6.8
- Impact score
- 6.4
- Exploitability score
- 8.6
- Vector string
- AV:N/AC:M/Au:N/C:P/I:P/A:P
Weaknesses
- nvd@nist.gov
- CWE-352
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:papercut:papercut_mf:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "C39F2093-2205-4065-930D-433B45C6F868",
"versionEndIncluding": "14.1"
},
{
"criteria": "cpe:2.3:a:papercut:papercut_mf:12.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "FF398E65-476C-41C5-9C96-243740F1B429"
},
{
"criteria": "cpe:2.3:a:papercut:papercut_mf:12.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "322A6E60-374D-437D-9F7F-C0DE19894279"
},
{
"criteria": "cpe:2.3:a:papercut:papercut_mf:12.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "DECB5F11-6E2B-42B6-8964-83EA876BF735"
},
{
"criteria": "cpe:2.3:a:papercut:papercut_mf:12.3:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "4A31AA18-E4C0-4173-9461-2A51723C001C"
},
{
"criteria": "cpe:2.3:a:papercut:papercut_mf:12.4:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "22BBE05F-26E5-417D-8841-9A2E47D040CA"
},
{
"criteria": "cpe:2.3:a:papercut:papercut_mf:12.5:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "D14BAE3F-FA54-4495-BE0C-913CC76E4B63"
},
{
"criteria": "cpe:2.3:a:papercut:papercut_mf:13.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "D05483BC-AF45-4A20-93F1-7B9CA6ED104D"
},
{
"criteria": "cpe:2.3:a:papercut:papercut_mf:13.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "661D8595-B0C2-4B81-A921-18031B681B4C"
},
{
"criteria": "cpe:2.3:a:papercut:papercut_mf:13.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "851320F4-8239-482C-A164-1372D7C6AAD9"
},
{
"criteria": "cpe:2.3:a:papercut:papercut_mf:13.3:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "1429B0AE-F0BB-4770-B8AB-26CA0BBD9975"
},
{
"criteria": "cpe:2.3:a:papercut:papercut_mf:13.4:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "3A8966A5-3C9E-42DB-92A9-74975E6957FF"
},
{
"criteria": "cpe:2.3:a:papercut:papercut_mf:13.5:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "B2F6E5F3-FDED-47C6-91D4-6FC6317E4DFA"
},
{
"criteria": "cpe:2.3:a:papercut:papercut_mf:14.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "5B3266B2-CBDC-432D-ACBA-FDF293368FB0"
},
{
"criteria": "cpe:2.3:a:papercut:papercut_ng:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "159145D0-A4ED-4F74-9A1F-6BBB2CC7568A",
"versionEndIncluding": "14.1"
},
{
"criteria": "cpe:2.3:a:papercut:papercut_ng:12.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "43F90D1A-6523-4EA2-BD70-3230E01A66E7"
},
{
"criteria": "cpe:2.3:a:papercut:papercut_ng:12.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "DD91C180-D7F1-43BE-8472-5E72DF27993E"
},
{
"criteria": "cpe:2.3:a:papercut:papercut_ng:12.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "C2464601-F136-410A-862F-2273B1782AC6"
},
{
"criteria": "cpe:2.3:a:papercut:papercut_ng:12.3:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "419FEFF8-A892-403C-BF8A-304272EE16D7"
},
{
"criteria": "cpe:2.3:a:papercut:papercut_ng:12.4:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "D02D413C-693E-45B9-83A4-CBFA844FEBB5"
},
{
"criteria": "cpe:2.3:a:papercut:papercut_ng:12.5:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "5C8A222F-CEEF-481A-BE3C-0D736CE64A18"
},
{
"criteria": "cpe:2.3:a:papercut:papercut_ng:13.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "8B6C4B24-3F7E-48C8-9FE6-5DBFEB4425A6"
},
{
"criteria": "cpe:2.3:a:papercut:papercut_ng:13.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "10E34435-E2C8-417A-9950-FECD267DEA27"
},
{
"criteria": "cpe:2.3:a:papercut:papercut_ng:13.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "30875001-1705-4B52-8DC2-6898DAE23BBC"
},
{
"criteria": "cpe:2.3:a:papercut:papercut_ng:13.3:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "B66EF4D7-6BBE-4A71-A887-59105AFBEE6D"
},
{
"criteria": "cpe:2.3:a:papercut:papercut_ng:13.4:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "2620A163-36DD-4D89-8044-893B1A4E823B"
},
{
"criteria": "cpe:2.3:a:papercut:papercut_ng:13.5:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "00A6BA83-BF06-4E4A-A474-0AB98C55F3D4"
},
{
"criteria": "cpe:2.3:a:papercut:papercut_ng:14.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "7D9025F2-7C5C-4FC9-A239-584215618239"
}
],
"operator": "OR"
}
]
}
]