Cross-site request forgery (CSRF) vulnerability in XZERES 442SR OS on 442SR wind turbines allows remote attackers to hijack the authentication of admins for requests that modify the default user's password via a GET request.
References
Link | Resource |
---|---|
https://ics-cert.us-cert.gov/advisories/ICSA-15-076-01 | Third Party Advisory US Government Resource |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: icscert
Published: 2015-03-31T01:00:00
Updated: 2015-03-31T01:57:01
Reserved: 2015-01-10T00:00:00
Link: CVE-2015-0985
JSON object: View
NVD Information
Status : Analyzed
Published: 2015-03-31T01:59:37.693
Modified: 2015-03-31T17:10:30.727
Link: CVE-2015-0985
JSON object: View
Redhat Information
No data.
CWE