CVE-2012-4943

Agile FleetCommander & Kiosk <4.08 - CSRF

Title source: llm
STIX 2.1

Description

Multiple cross-site request forgery (CSRF) vulnerabilities in Agile FleetCommander and FleetCommander Kiosk before 4.08 allow remote attackers to hijack the authentication of arbitrary users for requests that modify (1) passwords, (2) accounts, or (3) permissions.

References (3)

Core 3
Core References
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/79854
US Government Resource third-party-advisory x_refsource_cert-vn
http://www.kb.cert.org/vuls/id/427547
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/56427

Scores

EPSS 0.0073
EPSS Percentile 49.9%

Details

CWE
CWE-352
Status published
Products (2)
agilefleet/fleetcommander < 4.0
agilefleet/fleetcommander_kiosk < 4.0
Published Nov 18, 2012
Tracked Since Feb 18, 2026