Cross-Site Request Forgery Vulnerabilities in Apache Geronimo Application Server
CVE-2009-0039

Currently unrated

Key Information:

Vendor

Apache
Status
Geronimo
Vendor
CVE Published:
17 April 2009

What is CVE-2009-0039?

The Apache Geronimo Application Server 2.1 through 2.1.3 is susceptible to multiple cross-site request forgery (CSRF) vulnerabilities in its web administration console. This allows remote attackers to potentially hijack the authentication of administrators and perform unauthorized actions. These actions may include changing the web administration password, uploading malicious applications, and executing other unspecified administrative tasks, which could lead to further exploitation of the affected server.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://geronimo.apache.org/21x-security-report.html#2.1.x...
x_refsource_CONFIRM
http://www.vupen.com/english/advisories/2009/1089
vdb-entryx_refsource_VUPEN
http://www.securityfocus.com/bid/34562
vdb-entryx_refsource_BID

EPSS Score

6% chance of being exploited in the next 30 days.

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.