Security Advisory

CVE-2014-2358

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2014-10-19 01:00:00

Last updated 2025-10-03 17:19:27

Assigner icscert

State PUBLISHED

Description

Multiple cross-site request forgery (CSRF) vulnerabilities in the administrative web interface in the proxy server on Fox-IT Fox DataDiode appliances before 1.7.2 allow remote attackers to hijack the authentication of administrators for requests that (1) create administrative users, (2) remove administrative users, or (3) change permissions.

← Browse all CVEs View on cve.org ↗