CVE-2011-1905

Multiple cross-site request forgery (CSRF) vulnerabilities in unspecified administrative modules in Proofpoint Messaging Security Gateway 6.2.0.263:6.2.0.237 and earlier in Proofpoint Protection Server 5.5.3, 5.5.4, 5.5.5, 6.0.2, 6.1.1, and 6.2.0 allow remote attackers to hijack the authentication of administrators via unknown vectors.
CSRF
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
6.8 UNKNOWN
NETWORK
MEDIUM
AV:N/AC:M/Au:N/C:P/I:P/A:P
Base Score
CVSS 3.x
EPSS Score
Percentile: Unknown
Affected Products (NVD)
VendorProductVersion
proofpointmessaging_security_gateway
𝑥
≤ 6.2.0.263\:6.2.0.237
proofpointprotection_server
5.5.3
proofpointprotection_server
5.5.4
proofpointprotection_server
5.5.5
proofpointprotection_server
6.0.2
proofpointprotection_server
6.1.1
proofpointprotection_server
6.2.0
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://www.clearskies.net/documents/css-advisory-css1105-proofpoint.php
http://www.kb.cert.org/vuls/id/790980
https://support.proofpoint.com/article.cgi?article_id=338413
http://www.clearskies.net/documents/css-advisory-css1105-proofpoint.php
http://www.kb.cert.org/vuls/id/790980
https://support.proofpoint.com/article.cgi?article_id=338413