Upstream information

CVE-2016-1607 at MITRE

Description

Multiple cross-site request forgery (CSRF) vulnerabilities in the administrative interface in Novell Filr before 2.0 Security Update 2 allow remote attackers to hijack the authentication of administrators, as demonstrated by reconfiguring time settings via a vaconfig/time request.

SUSE information

Overall state of this security issue: Does not affect SUSE products

SUSE Bugzilla entry: 981239 [VERIFIED / FIXED]

SUSE Security Advisories:

  • TID7017786, published Sa 3. Mär 12:03:05 CET 2018
  • TID7017789, published Sa 3. Mär 12:03:10 CET 2018


SUSE Timeline for this CVE

CVE page created: Tue Jun 28 17:46:51 2016
CVE page last modified: Thu Aug 3 16:27:17 2023