Short Name |
HTTP:APACHE:ARCHIVA-CSRF |
---|---|
Severity |
High |
Recommended |
No |
Category |
HTTP |
Keywords |
Apache Archiva Cross Site Request Forgery |
Release Date |
2012/11/15 |
Update Number |
2203 |
Supported Platforms |
idp-4.0+, isg-3.1.134269+, j-series-9.5+, mx-9.4+, srx-9.2+, srx-branch-9.4+, vsrx-12.1+ |
This signature detects attempts to exploit a known flaw in Apache Archiva. Apache Archiva is prone to a cross-site request-forgery vulnerability. A successful attack could result in an attacker gaining administrative control over an Archiva-powered website.
Apache Archiva is prone to a cross-site request-forgery vulnerability. Exploiting this issue may allow a remote attacker to perform certain administrative actions and gain unauthorized access to the affected application. Other attacks are also possible. The following versions are affected: Archiva versions 1.0 through 1.0.3 Archiva versions 1.1 through 1.1.4 Archiva versions 1.2 through 1.2.2 Archiva versions 1.3 through 1.3.1