CVE-2012-1220

{"id": "CVE-2012-1220", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 6.8, "accessVector": "NETWORK", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "MEDIUM", "availabilityImpact": "PARTIAL", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 6.4, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 8.6, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": true}]}, "published": "2012-02-21T13:31:47.047", "references": [{"url": "http://secunia.com/advisories/47947", "tags": ["Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "http://www.exploit-db.com/exploits/18464", "tags": ["Exploit"], "source": "cve@mitre.org"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/72991", "source": "cve@mitre.org"}, {"url": "http://secunia.com/advisories/47947", "tags": ["Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.exploit-db.com/exploits/18464", "tags": ["Exploit"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/72991", "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-352"}]}], "descriptions": [{"lang": "en", "value": "Cross-site request forgery (CSRF) vulnerability in modules/config/admin_utente.php in GAzie 5.20 and earlier allows remote attackers to hijack the authentication of administrators for requests that change account information via an update action, as demonstrated by changing the password."}, {"lang": "es", "value": "Vulnerabilidad de falsificaci\u00f3n de petici\u00f3n en sitios cruzados (CSRF) en modules/config/admin_utente.php en GAzie v5.20 y anteriores,permite a atacantes remotos secuestrar la autenticaci\u00f3n de los administradores para peticiones de cambio de la informaci\u00f3n de cuentas a trav\u00e9s de una acci\u00f3n update, como se demostr\u00f3 mediante el cambio de contrase\u00f1a."}], "lastModified": "2024-11-21T01:36:41.690", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:devincentiis:gazie:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "ECFA9074-0A78-460C-9C41-060C464B7115", "versionEndIncluding": "5.20"}, {"criteria": "cpe:2.3:a:devincentiis:gazie:2.0.7:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1CDA31D7-FC26-4E4C-B032-B62C63594FDC"}, {"criteria": "cpe:2.3:a:devincentiis:gazie:2.0.8:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9E407408-2103-45B1-8B91-39BF5A3B3BC0"}, {"criteria": "cpe:2.3:a:devincentiis:gazie:2.0.9:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F37B5D86-A7AE-48AB-9689-F38979F2CD52"}, {"criteria": "cpe:2.3:a:devincentiis:gazie:2.0.10:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "74E8510F-8138-4F84-8E91-1902E352C32A"}, {"criteria": "cpe:2.3:a:devincentiis:gazie:2.0.11:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "AFAD7B4B-CCA3-4666-B50E-31BFB8A63276"}, {"criteria": "cpe:2.3:a:devincentiis:gazie:2.0.12:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "CDD85041-5069-42DC-ACEE-9E98EB844282"}, {"criteria": "cpe:2.3:a:devincentiis:gazie:2.0.13:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "88726711-C50D-4CA1-BE08-DB733C4BF9E7"}, {"criteria": "cpe:2.3:a:devincentiis:gazie:2.0.14:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "757B8820-DF9C-4E30-9645-EA0BFDA7B77F"}, {"criteria": "cpe:2.3:a:devincentiis:gazie:2.0.15:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C893B91B-8F48-4C9D-B08B-75CA2C00530F"}, {"criteria": "cpe:2.3:a:devincentiis:gazie:3.0.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F885ECE9-D8D4-4030-B0D1-4D192BE8B0B5"}, {"criteria": "cpe:2.3:a:devincentiis:gazie:3.0.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E091435D-BEAC-48AC-A4E3-1C7F11F82C64"}, {"criteria": "cpe:2.3:a:devincentiis:gazie:3.0.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B9F1B925-2909-4191-B73F-6C5FE023F411"}, {"criteria": "cpe:2.3:a:devincentiis:gazie:3.0.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "87D5B517-1AB8-4475-B9D3-9A418ED83EA5"}, {"criteria": "cpe:2.3:a:devincentiis:gazie:3.0.4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "45B23E3F-3436-4C7B-9230-E516989D58CE"}, {"criteria": "cpe:2.3:a:devincentiis:gazie:3.0.5:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6DAE6AFA-577D-429C-A735-F346E387C1EE"}, {"criteria": "cpe:2.3:a:devincentiis:gazie:3.0.6:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9D1EEEAE-14B6-4A93-A1CF-D664C8757C92"}, {"criteria": "cpe:2.3:a:devincentiis:gazie:3.0.7:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8361C9A9-9BEF-4C59-8173-6E94DCD6A145"}, {"criteria": "cpe:2.3:a:devincentiis:gazie:3.0.8:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C34A2CA3-CD98-4148-876F-F61493FC53F8"}, {"criteria": "cpe:2.3:a:devincentiis:gazie:3.0.9:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A6B4F4E4-7895-4B07-A625-36FA2722B450"}, {"criteria": "cpe:2.3:a:devincentiis:gazie:3.0.10:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A0C4DA82-D5F7-4E75-A745-E710E0FA8525"}, {"criteria": "cpe:2.3:a:devincentiis:gazie:3.0.11:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6DD477BC-2021-4262-A64A-0D3326EA691A"}, {"criteria": "cpe:2.3:a:devincentiis:gazie:3.0.12:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F472B50D-1C4A-4B73-A2E4-A5567B3A3027"}, {"criteria": "cpe:2.3:a:devincentiis:gazie:4.0.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "ED5DD26C-32B7-4196-838A-FFFCD6737E38"}, {"criteria": "cpe:2.3:a:devincentiis:gazie:4.0.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7F9805B7-28F2-4100-AD42-0818AD9F2FE8"}, {"criteria": "cpe:2.3:a:devincentiis:gazie:4.0.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "FCC45695-5AA1-458E-8765-450EB09B434B"}, {"criteria": "cpe:2.3:a:devincentiis:gazie:4.0.4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B3491D62-CE6A-4079-A7E1-4D523B22F567"}, {"criteria": "cpe:2.3:a:devincentiis:gazie:4.0.5:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "061B0E77-C71F-4CE7-9316-4669550B3FE0"}, {"criteria": "cpe:2.3:a:devincentiis:gazie:4.0.6:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3FE73501-F04A-43A6-A92D-B44FAA735AA9"}, {"criteria": "cpe:2.3:a:devincentiis:gazie:4.0.7:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B1F11578-752C-4F40-A66C-8903D12540D9"}, {"criteria": "cpe:2.3:a:devincentiis:gazie:4.0.8:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "723331E0-D0F1-4CE4-9C03-4E019F2AE78B"}, {"criteria": "cpe:2.3:a:devincentiis:gazie:4.0.9:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "32B613A0-53E3-46CE-9A96-F61D5A2B1FE3"}, {"criteria": "cpe:2.3:a:devincentiis:gazie:4.0.10:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "86E255CF-CAE5-4CE7-8C65-0A00D5951D94"}, {"criteria": "cpe:2.3:a:devincentiis:gazie:4.0.11:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "BE2170F3-D972-4316-ABC0-F321027D5824"}, {"criteria": "cpe:2.3:a:devincentiis:gazie:4.0.12:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "509B3378-1752-4FE9-A81B-B9CF58976D6D"}, {"criteria": "cpe:2.3:a:devincentiis:gazie:4.0.13:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "EB969BBD-0CA2-44D1-A5D5-C2CD7C59F744"}, {"criteria": "cpe:2.3:a:devincentiis:gazie:5.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C1248818-0F26-47C5-92E4-44AE8202D033"}, {"criteria": "cpe:2.3:a:devincentiis:gazie:5.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "78C057F3-3E5F-4753-986E-A11D1AEEDA78"}, {"criteria": "cpe:2.3:a:devincentiis:gazie:5.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "005A8D9F-A006-4B60-9730-40A0DC992629"}, {"criteria": "cpe:2.3:a:devincentiis:gazie:5.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "749E201D-21F0-4BE7-8ECB-26AE30F495D1"}, {"criteria": "cpe:2.3:a:devincentiis:gazie:5.4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5DDCE2C5-CDEF-4D39-B173-2713A3CD3B30"}, {"criteria": "cpe:2.3:a:devincentiis:gazie:5.5:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "36D35B8E-513C-4EA2-A309-735638F493AF"}, {"criteria": "cpe:2.3:a:devincentiis:gazie:5.6:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "48F9512E-B6B4-4B6F-8FD1-12F1FE276438"}, {"criteria": "cpe:2.3:a:devincentiis:gazie:5.7:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B05E03E0-7A5F-4650-BB8C-C9E355587236"}, {"criteria": "cpe:2.3:a:devincentiis:gazie:5.8:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "270C7D15-5D04-4088-978D-4A66DB4EEAA6"}, {"criteria": "cpe:2.3:a:devincentiis:gazie:5.9:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5F8C0C14-7252-44EF-BAD8-C11F608B5DFF"}, {"criteria": "cpe:2.3:a:devincentiis:gazie:5.10:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "914DAB68-A1E0-4DA3-849D-57B6612EAF64"}, {"criteria": "cpe:2.3:a:devincentiis:gazie:5.11:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3B1C6DB7-75DC-4536-BCC2-913A2B211E04"}, {"criteria": "cpe:2.3:a:devincentiis:gazie:5.12:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "24582AAE-C4E5-4198-876C-D63349E3B98D"}, {"criteria": "cpe:2.3:a:devincentiis:gazie:5.13:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5079CDB6-9232-4FD5-B808-8EAD47B8E293"}, {"criteria": "cpe:2.3:a:devincentiis:gazie:5.14:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "31B6854E-324C-4509-ACD7-32350A7041D9"}, {"criteria": "cpe:2.3:a:devincentiis:gazie:5.15:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B198B986-CDEA-43B3-BB85-AA30344FEF5C"}, {"criteria": "cpe:2.3:a:devincentiis:gazie:5.16:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5793EEB4-C302-4E72-9A71-63F4A906D3CB"}, {"criteria": "cpe:2.3:a:devincentiis:gazie:5.17:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "AB2D1F64-9CD5-4C37-BFB5-956228B2A5EE"}, {"criteria": "cpe:2.3:a:devincentiis:gazie:5.18:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "559633E2-FF3D-4CC4-BB70-994950CB57D1"}, {"criteria": "cpe:2.3:a:devincentiis:gazie:5.19:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F358671C-E648-49C2-9F49-338EC4A2CA0F"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}