Detections
Analytics

CVE-2012-4943

high

Description

Multiple cross-site request forgery (CSRF) vulnerabilities in Agile FleetCommander and FleetCommander Kiosk before 4.08 allow remote attackers to hijack the authentication of arbitrary users for requests that modify (1) passwords, (2) accounts, or (3) permissions.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/79854

http://www.securityfocus.com/bid/56427

http://www.kb.cert.org/vuls/id/427547

Details

Source: Mitre, NVD

Published: 2012-11-18

Updated: 2025-04-11

Risk Information

CVSS v2

Base Score: 6.8

Vector: CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P

Severity: Medium

CVSS v3

Base Score: 8.8

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Severity: High