CVE-2023-4837

SmodBIP is vulnerable to Cross-Site Request Forgery, that could be used to induce logged in users to perform unintended actions, including creation of additional accounts with administrative privileges. This issue affects all versions of SmodBIP. SmodBIP is no longer maintained and the vulnerability will not be fixed.
Configurations

Configuration 1 (hide)

cpe:2.3:a:smod:smodbip:*:*:*:*:*:*:*:*

History

21 Nov 2024, 08:36

Type Values Removed Values Added
References () https://cert.pl/en/posts/2023/10/CVE-2023-4837/ - Third Party Advisory () https://cert.pl/en/posts/2023/10/CVE-2023-4837/ - Third Party Advisory
References () https://cert.pl/posts/2023/10/CVE-2023-4837/ - Third Party Advisory () https://cert.pl/posts/2023/10/CVE-2023-4837/ - Third Party Advisory
References () https://smod.pl/ - Product () https://smod.pl/ - Product

07 Nov 2023, 04:23

Type Values Removed Values Added
Summary ** UNSUPPPORTED WHEN ASSIGNED ** SmodBIP is vulnerable to Cross-Site Request Forgery, that could be used to induce logged in users to perform unintended actions, including creation of additional accounts with administrative privileges. This issue affects all versions of SmodBIP. SmodBIP is no longer maintained and the vulnerability will not be fixed. SmodBIP is vulnerable to Cross-Site Request Forgery, that could be used to induce logged in users to perform unintended actions, including creation of additional accounts with administrative privileges. This issue affects all versions of SmodBIP. SmodBIP is no longer maintained and the vulnerability will not be fixed.

16 Oct 2023, 16:00

Type Values Removed Values Added
First Time Smod smodbip
Smod
CVSS v2 : unknown
v3 : unknown
v2 : unknown
v3 : 8.8
CWE CWE-352
References (MISC) https://cert.pl/posts/2023/10/CVE-2023-4837/ - (MISC) https://cert.pl/posts/2023/10/CVE-2023-4837/ - Third Party Advisory
References (MISC) https://cert.pl/en/posts/2023/10/CVE-2023-4837/ - (MISC) https://cert.pl/en/posts/2023/10/CVE-2023-4837/ - Third Party Advisory
References (MISC) https://smod.pl/ - (MISC) https://smod.pl/ - Product
CPE cpe:2.3:a:smod:smodbip:*:*:*:*:*:*:*:*

10 Oct 2023, 10:15

Type Values Removed Values Added
New CVE

Information

Published : 2023-10-10 10:15

Updated : 2024-11-21 08:36


NVD link : CVE-2023-4837

Mitre link : CVE-2023-4837

CVE.ORG link : CVE-2023-4837


JSON object : View

Products Affected

smod

  • smodbip
CWE
CWE-352

Cross-Site Request Forgery (CSRF)