Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Fox-IT DataDiode Appliance CSRF
Vulnerability Description
Multiple cross-site request forgery (CSRF) vulnerabilities in the administrative web interface in the proxy server on Fox-IT Fox DataDiode appliances before 1.7.2 allow remote attackers to hijack the authentication of administrators for requests that (1) create administrative users, (2) remove administrative users, or (3) change permissions.
CVSS Information
N/A
Vulnerability Type
跨站请求伪造(CSRF)
Vulnerability Title
Fox-IT Fox DataDiode应用程序跨站请求伪造漏洞
Vulnerability Description
Fox-IT Fox DataDiode是荷兰Fox-IT公司的一套基于Web的主要用于对Fox DataDiode(一种在不同安全级别网络之间传送数据的解决方案)进行代理服务配置的管理工具。 Fox-IT Fox DataDiode应用程序1.7.2之前版本上的代理服务器的Web管理界面中存在跨站请求伪造漏洞。远程攻击者可利用该漏洞创建或删除管理员用户,或更改权限。
CVSS Information
N/A
Vulnerability Type
N/A