CVE-2013-1088
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2013-1088
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
Cross-site request forgery (CSRF) vulnerability in Novell iManager 2.7 before SP6 Patch 1 allows remote attackers to hijack the authentication of arbitrary users by leveraging improper request validation by iManager code deployed within an Apache Tomcat container.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Title
Novell iManager Tomcat 跨站请求伪造漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Novell iManager是美国Novell公司的一款基于WEB的应用程序,可以使用无线设备管理、配置Novell eDirectory对象。Apache Apache Tomcat是美国阿帕奇(Apache)软件基金会下属的Jakarta项目的一款轻量级Web应用服务器,它主要用于开发和调试JSP程序,适用于中小型系统。 Novell iManager SP6 Patch 1之前的2.7版本中使用的Apache Tomcat中存在跨站请求伪造漏洞。该漏洞源于程序未对用户的特定HTTP请求执行有效性验
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
| Vendor | Product | Affected Versions | CPE | Subscribe |
|---|---|---|---|---|
| - | n/a | n/a | - |
II. Public POCs for CVE-2013-1088
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2013-1088
请登录查看更多情报信息。
- 🔗 http://www.novell.com/support/kb/doc.php?id=7010166x_refsource_CONFIRM
- 🔗 https://bugzilla.novell.com/show_bug.cgi?id=726260x_refsource_CONFIRM
- https://nvd.nist.gov/vuln/detail/CVE-2013-1088
Same Patch Batch · n/a · 2013-04-24 · 16 CVEs total
| CVE-2013-1956 | Linux kernel ‘create_user_ns’函数安全漏洞 | |
| CVE-2013-1957 | Linux kernel ‘clone_mnt’函数安全漏洞 | |
| CVE-2013-1958 | Linux kernel ‘scm_check_creds’函数安全漏洞 | |
| CVE-2012-5218 | HP ElitePad 900 PCs with BIOS 安全漏洞 | |
| CVE-2012-6140 | Google Authenticator 本地信息泄露漏洞 | |
| CVE-2013-0540 | IBM WebSphere Application Server Liberty Profile 安全绕过漏洞 | |
| CVE-2013-0541 | IBM WebSphere Application Server 拒绝服务漏洞 | |
| CVE-2013-0542 | IBM WebSphere Application Server 跨站脚本漏洞 | |
| CVE-2013-0543 | IBM WebSphere Application Server 安全绕过漏洞 | |
| CVE-2013-0544 | IBM WebSphere Application Server 目录遍历漏洞 | |
| CVE-2013-0565 | IBM WebSphere Application Server 跨站脚本漏洞 | |
| CVE-2013-1195 | Cisco ASA Time-Range Object 安全绕过漏洞 | |
| CVE-2013-1214 | Cisco Unified Contact Center Express 信息泄露漏洞 | |
| CVE-2013-1217 | Cisco IOS SNMP 查询处理拒绝服务漏洞 | |
| CVE-2013-3268 | Novell iManager 授权问题漏洞 |
IV. Related Vulnerabilities
V. Comments for CVE-2013-1088
No comments yet