Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2010-2151

Cross-site request forgery (CSRF) vulnerability in Fujitsu e-Pares V01 L01 V01 L01, L03, L10, L20, L30, and L40 allows remote attackers to hijack the authentication of users for requests that modify "facility reservation data" via unknown vectors.

Published

2010-06-03T16:30:01.680

Last Modified

2025-04-11T00:51:21.963

Status

Deferred

Source

[email protected]

Severity

CVSSv2: 2.6 (LOW)

CVSSv2 Vector

AV:N/AC:H/Au:N/C:N/I:P/A:N

  • Access Vector: NETWORK
  • Access Complexity: HIGH
  • Authentication: NONE
  • Confidentiality Impact: NONE
  • Integrity Impact: PARTIAL
  • Availability Impact: NONE
Exploitability Score

4.9

Impact Score

2.9

Weaknesses
  • Type: Primary
    CWE-352
Affected Vendors & Products
Type Vendor Product Version/Range Vulnerable?
Application fujitsu e-pares l01 Yes
Application fujitsu e-pares l03 Yes
Application fujitsu e-pares l10 Yes
Application fujitsu e-pares l20 Yes
Application fujitsu e-pares l30 Yes
Application fujitsu e-pares l40 Yes
Application fujitsu e-pares v01 Yes
References