Acunetix DAST powers runtime capabilities for Invicti’s complete AppSec platform. Visit Invicti for more.

WEB APPLICATION VULNERABILITIES Standard & Premium

Apache Tomcat Permissions, Privileges, and Access Controls Vulnerability (CVE-2012-4431)

Description

org/apache/catalina/filters/CsrfPreventionFilter.java in Apache Tomcat 6.x before 6.0.36 and 7.x before 7.0.32 allows remote attackers to bypass the cross-site request forgery (CSRF) protection mechanism via a request that lacks a session identifier.

Remediation

References

Related Vulnerabilities

Jenkins Permissions, Privileges, and Access Controls Vulnerability (CVE-2015-5324)

WordPress Plugin WordPress Backup and Migrate-Backup Guard Cross-Site Scripting (1.1.46)

Joomla Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2021-26034)

WordPress Plugin wSecure Lite Remote Code Execution (2.3)

WordPress Plugin Ninja Forms Contact Form-The Drag and Drop Form Builder for WordPress Unspecified Vulnerability (2.9.24)

Severity

Medium

Classification

CVE-2012-4431 CWE-264

Tags

Missing Update Known Vulnerabilities