SmodBIP is vulnerable to Cross-Site Request Forgery, that could be used to induce logged in users to perform unintended actions, including creation of additional accounts with administrative privileges.
This issue affects all versions of SmodBIP. SmodBIP is no longer maintained and the vulnerability will not be fixed.
References
Link | Resource |
---|---|
https://cert.pl/en/posts/2023/10/CVE-2023-4837/ | Third Party Advisory |
https://cert.pl/posts/2023/10/CVE-2023-4837/ | Third Party Advisory |
https://smod.pl/ | Product |
Configurations
History
07 Nov 2023, 04:23
Type | Values Removed | Values Added |
---|---|---|
Summary | SmodBIP is vulnerable to Cross-Site Request Forgery, that could be used to induce logged in users to perform unintended actions, including creation of additional accounts with administrative privileges. This issue affects all versions of SmodBIP. SmodBIP is no longer maintained and the vulnerability will not be fixed. |
16 Oct 2023, 16:00
Type | Values Removed | Values Added |
---|---|---|
First Time |
Smod smodbip
Smod |
|
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 8.8 |
CWE | CWE-352 | |
References | (MISC) https://cert.pl/posts/2023/10/CVE-2023-4837/ - Third Party Advisory | |
References | (MISC) https://cert.pl/en/posts/2023/10/CVE-2023-4837/ - Third Party Advisory | |
References | (MISC) https://smod.pl/ - Product | |
CPE | cpe:2.3:a:smod:smodbip:*:*:*:*:*:*:*:* |
10 Oct 2023, 10:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2023-10-10 10:15
Updated : 2024-08-02 08:15
NVD link : CVE-2023-4837
Mitre link : CVE-2023-4837
CVE.ORG link : CVE-2023-4837
JSON object : View
Products Affected
smod
- smodbip
CWE
CWE-352
Cross-Site Request Forgery (CSRF)