CVE-2015-2805

Cross-site request forgery (CSRF) vulnerability in sec/content/sec_asa_users_local_db_add.html in the management web interface in Alcatel-Lucent OmniSwitch 6450, 6250, 6850E, 9000E, 6400, 6855, 6900, 10K, and 6860 with firmware 6.4.5.R02, 6.4.6.R01, 6.6.4.R01, 6.6.5.R02, 7.3.2.R01, 7.3.3.R01, 7.3.4.R01, and 8.1.1.R01 allows remote attackers to hijack the authentication of administrators for requests that create users via a crafted request.

CVSS v2.0 6.8 MEDIUM

6.8^/10

CVSS v2.0 : MEDIUM

V2 Legend

Vector : AV:N/AC:M/Au:N/C:P/I:P/A:P

Exploitability : 8.6 / Impact : 6.4

Access Vector NETWORK

Access Complexity MEDIUM

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact PARTIAL

Availability Impact PARTIAL

References

Link	Resource
http://packetstormsecurity.com/files/132236/Alcatel-Lucent-OmniSwitch-Web-Interface-Cross-Site-Request-Forgery.html	Exploit
http://seclists.org/fulldisclosure/2015/Jun/23	Exploit
http://www.securityfocus.com/archive/1/535732/100/0/threaded
http://www.securityfocus.com/bid/75121
http://www.securitytracker.com/id/1032544
https://www.exploit-db.com/exploits/37261/	Exploit
https://www.redteam-pentesting.de/advisories/rt-sa-2015-004	Exploit
http://packetstormsecurity.com/files/132236/Alcatel-Lucent-OmniSwitch-Web-Interface-Cross-Site-Request-Forgery.html	Exploit
http://seclists.org/fulldisclosure/2015/Jun/23	Exploit
http://www.securityfocus.com/archive/1/535732/100/0/threaded
http://www.securityfocus.com/bid/75121
http://www.securitytracker.com/id/1032544
https://www.exploit-db.com/exploits/37261/	Exploit
https://www.redteam-pentesting.de/advisories/rt-sa-2015-004	Exploit

Configurations

Configuration 1 (hide)

AND

OR	cpe:2.3:o:alcatel-lucent:omniswitch_firmware::::::::
	cpe:2.3:o:alcatel-lucent:omniswitch_firmware::::::::
	cpe:2.3:o:alcatel-lucent:omniswitch_firmware::::::::
	cpe:2.3:o:alcatel-lucent:omniswitch_firmware::::::::
	cpe:2.3:o:alcatel-lucent:omniswitch_firmware::::::::
	cpe:2.3:o:alcatel-lucent:omniswitch_firmware::::::::
	cpe:2.3:o:alcatel-lucent:omniswitch_firmware::::::::
	cpe:2.3:o:alcatel-lucent:omniswitch_firmware::::::::

OR	cpe:2.3:h:alcatel-lucent:omniswitch_10k::::::::
	cpe:2.3:h:alcatel-lucent:omniswitch_6250::::::::
	cpe:2.3:h:alcatel-lucent:omniswitch_6400::::::::
	cpe:2.3:h:alcatel-lucent:omniswitch_6450::::::::
	cpe:2.3:h:alcatel-lucent:omniswitch_6850e::::::::
	cpe:2.3:h:alcatel-lucent:omniswitch_6855::::::::
	cpe:2.3:h:alcatel-lucent:omniswitch_6860::::::::
	cpe:2.3:h:alcatel-lucent:omniswitch_6900::::::::
	cpe:2.3:h:alcatel-lucent:omniswitch_9000e::::::::

History

21 Nov 2024, 02:28

Type	Values Removed	Values Added
References	~~() http://packetstormsecurity.com/files/132236/Alcatel-Lucent-OmniSwitch-Web-Interface-Cross-Site-Request-Forgery.html - Exploit~~	() http://packetstormsecurity.com/files/132236/Alcatel-Lucent-OmniSwitch-Web-Interface-Cross-Site-Request-Forgery.html - Exploit
References	~~() http://seclists.org/fulldisclosure/2015/Jun/23 - Exploit~~	() http://seclists.org/fulldisclosure/2015/Jun/23 - Exploit
References	~~() http://www.securityfocus.com/archive/1/535732/100/0/threaded -~~	() http://www.securityfocus.com/archive/1/535732/100/0/threaded -
References	~~() http://www.securityfocus.com/bid/75121 -~~	() http://www.securityfocus.com/bid/75121 -
References	~~() http://www.securitytracker.com/id/1032544 -~~	() http://www.securitytracker.com/id/1032544 -
References	~~() https://www.exploit-db.com/exploits/37261/ - Exploit~~	() https://www.exploit-db.com/exploits/37261/ - Exploit
References	~~() https://www.redteam-pentesting.de/advisories/rt-sa-2015-004 - Exploit~~	() https://www.redteam-pentesting.de/advisories/rt-sa-2015-004 - Exploit

Information

Published : 2015-06-16 16:59

Updated : 2025-04-12 10:46

NVD link : CVE-2015-2805

Mitre link : CVE-2015-2805

CVE.ORG link : CVE-2015-2805

JSON object : View

Products Affected

alcatel-lucent

omniswitch_10k
omniswitch_6400
omniswitch_6900
omniswitch_6855
omniswitch_9000e
omniswitch_firmware
omniswitch_6860
omniswitch_6850e
omniswitch_6250
omniswitch_6450

CWE

CWE-352

Cross-Site Request Forgery (CSRF)

{"id": "CVE-2015-2805", "cveTags": [], "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 6.8, "accessVector": "NETWORK", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "MEDIUM", "availabilityImpact": "PARTIAL", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 6.4, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 8.6, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": true}]}, "published": "2015-06-16T16:59:01.113", "references": [{"url": "http://packetstormsecurity.com/files/132236/Alcatel-Lucent-OmniSwitch-Web-Interface-Cross-Site-Request-Forgery.html", "tags": ["Exploit"], "source": "cve@mitre.org"}, {"url": "http://seclists.org/fulldisclosure/2015/Jun/23", "tags": ["Exploit"], "source": "cve@mitre.org"}, {"url": "http://www.securityfocus.com/archive/1/535732/100/0/threaded", "source": "cve@mitre.org"}, {"url": "http://www.securityfocus.com/bid/75121", "source": "cve@mitre.org"}, {"url": "http://www.securitytracker.com/id/1032544", "source": "cve@mitre.org"}, {"url": "https://www.exploit-db.com/exploits/37261/", "tags": ["Exploit"], "source": "cve@mitre.org"}, {"url": "https://www.redteam-pentesting.de/advisories/rt-sa-2015-004", "tags": ["Exploit"], "source": "cve@mitre.org"}, {"url": "http://packetstormsecurity.com/files/132236/Alcatel-Lucent-OmniSwitch-Web-Interface-Cross-Site-Request-Forgery.html", "tags": ["Exploit"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://seclists.org/fulldisclosure/2015/Jun/23", "tags": ["Exploit"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.securityfocus.com/archive/1/535732/100/0/threaded", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.securityfocus.com/bid/75121", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.securitytracker.com/id/1032544", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://www.exploit-db.com/exploits/37261/", "tags": ["Exploit"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://www.redteam-pentesting.de/advisories/rt-sa-2015-004", "tags": ["Exploit"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Deferred", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-352"}]}], "descriptions": [{"lang": "en", "value": "Cross-site request forgery (CSRF) vulnerability in sec/content/sec_asa_users_local_db_add.html in the management web interface in Alcatel-Lucent OmniSwitch 6450, 6250, 6850E, 9000E, 6400, 6855, 6900, 10K, and 6860 with firmware 6.4.5.R02, 6.4.6.R01, 6.6.4.R01, 6.6.5.R02, 7.3.2.R01, 7.3.3.R01, 7.3.4.R01, and 8.1.1.R01 allows remote attackers to hijack the authentication of administrators for requests that create users via a crafted request."}, {"lang": "es", "value": "Vulnerabilidad de CSRF en sec/content/sec_asa_users_local_db_add.html en la interfaz de gesti\u00f3n en Alcatel-Lucent OmniSwitch 6450, 6250, 6850E, 9000E, 6400, 6855, 6900, 10K, y 6860 con firmware 6.4.5.R02, 6.4.6.R01, 6.6.4.R01, 6.6.5.R02, 7.3.2.R01, 7.3.3.R01, 7.3.4.R01, y 8.1.1.R01 permite a atacantes remotos secuestrar la autenticaci\u00f3n de administradores para solicitudes que crean usuarios a trav\u00e9s de una solicitud manipulada."}], "lastModified": "2025-04-12T10:46:40.837", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:alcatel-lucent:omniswitch_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "146D0494-CC3B-47E9-8798-631AA8015A73", "versionEndIncluding": "6.4.5.r02"}, {"criteria": "cpe:2.3:o:alcatel-lucent:omniswitch_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8B629D98-2C6F-4937-A3B3-CD3FEE2B61FD", "versionEndIncluding": "6.4.6.r01"}, {"criteria": "cpe:2.3:o:alcatel-lucent:omniswitch_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A8CE49B7-937F-4CEE-9A3D-1D94C6A0C0FE", "versionEndIncluding": "6.6.4.r01"}, {"criteria": "cpe:2.3:o:alcatel-lucent:omniswitch_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "AB4AC6CF-716C-4A40-B0BB-8C652565FD52", "versionEndIncluding": "6.6.5.r02"}, {"criteria": "cpe:2.3:o:alcatel-lucent:omniswitch_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "FB40E084-75AF-4851-A2DC-A9D6C175C1E4", "versionEndIncluding": "7.3.2.r01"}, {"criteria": "cpe:2.3:o:alcatel-lucent:omniswitch_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F70B59CA-426A-49A1-BD75-516FBC0A4935", "versionEndIncluding": "7.3.3.r01"}, {"criteria": "cpe:2.3:o:alcatel-lucent:omniswitch_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C61B0959-BF8F-4645-9690-B5E7D43CD0D1", "versionEndIncluding": "7.3.4.r01"}, {"criteria": "cpe:2.3:o:alcatel-lucent:omniswitch_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6B01558D-907A-4746-A09C-5761A6EE5B8C", "versionEndIncluding": "8.1.1.r01"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:alcatel-lucent:omniswitch_10k:*:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "F7C154AC-D64C-4CB0-99E6-1792B23237BE"}, {"criteria": "cpe:2.3:h:alcatel-lucent:omniswitch_6250:*:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "CC17F6AB-A4A7-4DCF-A38D-567A626BAC9D"}, {"criteria": "cpe:2.3:h:alcatel-lucent:omniswitch_6400:*:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "6E628D41-4AC8-4C60-8353-028588BAE9C0"}, {"criteria": "cpe:2.3:h:alcatel-lucent:omniswitch_6450:*:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "A4D9AB0D-317D-4147-B944-02922FC3E14A"}, {"criteria": "cpe:2.3:h:alcatel-lucent:omniswitch_6850e:*:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "2026FD8F-2734-4927-AE3D-F346B6A3F7DD"}, {"criteria": "cpe:2.3:h:alcatel-lucent:omniswitch_6855:*:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "9CA46E94-6195-4AD9-A6C1-97F309D57614"}, {"criteria": "cpe:2.3:h:alcatel-lucent:omniswitch_6860:*:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "E6558791-5C3C-451C-B8C9-498A27555248"}, {"criteria": "cpe:2.3:h:alcatel-lucent:omniswitch_6900:*:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "C314BC45-D037-4FD9-B893-A737358EA851"}, {"criteria": "cpe:2.3:h:alcatel-lucent:omniswitch_9000e:*:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "30CE6E3F-9C8A-4EC8-9DF5-DA618C4985C6"}], "operator": "OR"}], "operator": "AND"}], "sourceIdentifier": "cve@mitre.org"}

6.8 /10