Unisys Data Exchange Management Studio before 6.0.IC2 and 7.x before 7.0.IC1 doesn't have an Anti-CSRF token to authenticate the POST request. Thus, a cross-site request forgery attack could occur.
References
Link | Resource |
---|---|
https://public.support.unisys.com/common/public/vulnerability/NVD_Detail_Rpt.aspx?ID=69 | Vendor Advisory |
https://unisys.com | Vendor Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2022-09-13T19:29:18
Updated: 2022-09-13T19:29:18
Reserved: 2022-06-08T00:00:00
Link: CVE-2022-32555
JSON object: View
NVD Information
Status : Analyzed
Published: 2022-09-13T20:15:09.750
Modified: 2022-09-17T00:18:44.313
Link: CVE-2022-32555
JSON object: View
Redhat Information
No data.
CWE