CVE-2013-0185

HIGH

ManageIQ Enterprise Virtualization Manager - Cross-Site Request Forgery

Title source: llm
STIX 2.1

Description

Cross-site request forgery (CSRF) vulnerability in ManageIQ Enterprise Virtualization Manager (EVM) allows remote attackers to hijack the authentication of users for requests that have unspecified impact via unknown vectors.

References (1)

Core 1
Core References
Issue Tracking, Vendor Advisory x_refsource_confirm
https://bugzilla.redhat.com/show_bug.cgi?id=895345

Scores

CVSS v3 8.8
EPSS 0.0075
EPSS Percentile 50.4%
Attack Vector NETWORK
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Details

CWE
CWE-352
Status published
Products (1)
redhat/manageiq_enterprise_virtualization_manager
Published May 01, 2018
Tracked Since Feb 18, 2026