CVE-2008-0182

EUVD-2008-0194
Cross-site request forgery (CSRF) vulnerability in the Admin portlet in Liferay Portal before 4.4.0 allows remote authenticated users to perform unspecified actions as unspecified other authenticated users via the Shutdown message.
CSRF
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
4.3 UNKNOWN
NETWORK
MEDIUM
AV:N/AC:M/Au:N/C:N/I:P/A:N
Base Score
CVSS 3.x
EPSS Score
Percentile: 51%
Affected Products (NVD)
VendorProductVersion
liferayliferay_enterprise_portal
𝑥
≤ 4.3.6
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://secunia.com/advisories/28742
http://support.liferay.com/browse/LEP-4739
http://www.kb.cert.org/vuls/id/767825
http://secunia.com/advisories/28742
http://support.liferay.com/browse/LEP-4739
http://www.kb.cert.org/vuls/id/767825