CVE Daily

CVE-2014-8246

Cross-site request forgery (CSRF) vulnerability in CA Release Automation (former...

Medium CVSS 6.8

Overview

Cross-site request forgery (CSRF) vulnerability in CA Release Automation (formerly iTKO LISA Release Automation) before 4.7.1 b448 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors.

CWE: CWE-352 Published: 2014-12-16T23:59:03.607
Risk analysis

This vulnerability is rated 🟡 MEDIUM.

  • CVSS: 6.8 (MEDIUM)
  • Detected tags: none (tag impact: LOW)

Recommended actions:

  • Prioritize remediation based on business criticality and exposure.
  • Limit exposure and increase monitoring until fixed.

Recommended tools

Tags