CVE-2013-7107 (retired)

Priority
Description
Cross-site request forgery (CSRF) vulnerability in cmd.cgi in Icinga 1.8.5,
1.9.4, 1.10.2, and earlier allows remote attackers to hijack the
authentication of users for unspecified commands via unspecified vectors,
as demonstrated by bypassing authentication requirements for CVE-2013-7106.
Notes
 mdeslaur> fixing this in stable releases will break compatibility with
 mdeslaur> some addons and scripts, ignoring.
Package
Upstream:released (1.10.2-1)
Ubuntu 14.04 LTS (Trusty Tahr):not-affected (1.10.2-1)
Package
Upstream:needs-triage
Ubuntu 14.04 LTS (Trusty Tahr):ignored
More Information

Updated: 2019-03-26 12:11:34 UTC (commit ccdecfcf0fead22bd291e5f4ea745a46872dcb15)