CVE-2014-125057

CVSS V2 None CVSS V3 None
Description
A vulnerability was found in mrobit robitailletheknot. It has been classified as problematic. This affects an unknown part of the file app/filters.php of the component CSRF Token Handler. The manipulation of the argument _token leads to incorrect comparison. It is possible to initiate the attack remotely. The name of the patch is 6b2813696ccb88d0576dfb305122ee880eb36197. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-217599.
Overview
  • CVE ID
  • CVE-2014-125057
  • Assigner
  • cna@vuldb.com
  • Vulnerability Status
  • Analyzed
  • Published Version
  • 2023-01-07T10:15:09
  • Last Modified Date
  • 2023-01-12T20:03:21
Weakness Enumerations
CWE URL
CWE-697 http://cwe.mitre.org/data/definitions/697.html
CPE Configuration (Product)
CPE Vulnerable Operator Version Start Version End
cpe:2.3:a:robitailletheknot_project:robitailletheknot:*:*:*:*:*:*:*:* 1 OR 2014-11-10
References
Reference URL Reference Tags
https://github.com/mrobit/robitailletheknot/commit/6b2813696ccb88d0576dfb305122ee880eb36197
https://vuldb.com/?ctiid.217599
https://vuldb.com/?id.217599
Sources
Source Name Source URL
NIST https://nvd.nist.gov/vuln/detail/CVE-2014-125057
MITRE https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-125057
History
Created Old Value New Value Data Type Notes
2023-01-07 10:17:36 Added to TrackCVE
2023-01-07 10:17:36 Weakness Enumeration new
2023-01-08 05:21:07 2023-01-08T05:11:13 CVE Modified Date updated
2023-01-08 05:21:07 Received Awaiting Analysis Vulnerability Status updated
2023-01-08 05:21:11 CVSS V3 information new
2023-01-08 05:21:11 CVSS V2 information new
2023-01-12 05:16:14 Awaiting Analysis Undergoing Analysis Vulnerability Status updated
2023-01-12 05:16:18 CVSS V3 information new
2023-01-12 05:16:18 CVSS V2 information new
2023-01-12 20:16:05 2023-01-12T20:03:21 CVE Modified Date updated
2023-01-12 20:16:05 Undergoing Analysis Analyzed Vulnerability Status updated
2023-01-12 20:16:06 CPE Information updated
2023-01-12 20:16:06 CVSS V3 information new
2023-01-12 20:16:06 CVSS V2 information new