CVE-2013-4050

{"id": "CVE-2013-4050", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 6.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:M/Au:S/C:P/I:P/A:P", "authentication": "SINGLE", "integrityImpact": "PARTIAL", "accessComplexity": "MEDIUM", "availabilityImpact": "PARTIAL", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 6.4, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 6.8, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2013-11-08T04:47:22.837", "references": [{"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21652988", "tags": ["Vendor Advisory"], "source": "psirt@us.ibm.com"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/86433", "source": "psirt@us.ibm.com"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-352"}]}], "descriptions": [{"lang": "en", "value": "Cross-site request forgery (CSRF) vulnerability in webadmin.nsf in Domino Web Administrator in IBM Domino 8.5 and 9.0 allows remote authenticated users to hijack the authentication of unspecified victims via unknown vectors."}, {"lang": "es", "value": "Vulnerabilidad CSRF en webadmin.nsf en Domino Web Administrator de IBM Domino 8.5 y 9.0 permite a usuarios remotos autenticados secuestrar la autenticaci\u00f3n de v\u00edctimas sin especificar a trav\u00e9s de vectores desconocidos."}], "lastModified": "2017-08-29T01:33:34.293", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:ibm:lotus_domino:8.5.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A1588F54-4E8B-43C3-85E5-A12C04B694CD"}, {"criteria": "cpe:2.3:a:ibm:lotus_domino:9.0.0.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7025B610-6988-4A78-B0ED-6FB728AA6C28"}], "operator": "OR"}]}], "sourceIdentifier": "psirt@us.ibm.com"}