CSRF Vulnerability in SUSE Lifecycle Management Server on SUSE Linux Enterprise
CVE-2010-1325

Currently unrated

Key Information:

Vendor: Novell
Status: Suse Lifecycle Management Server
Vendor: CVE Published:; 3 September 2010

What is CVE-2010-1325?

A cross-site request forgery (CSRF) vulnerability exists in the SUSE Lifecycle Management Server (SLMS) 1.0 on SUSE Linux Enterprise 11. This flaw allows remote attackers to exploit improper parameter quoting, potentially hijacking authentication of users without their consent. Attackers can leverage this vulnerability to perform unauthorized actions on behalf of victims, highlighting the importance of securing applications against CSRF attacks.

References

https://bugzilla.novell.com/show_bug.cgi?id=588284

x_refsource_CONFIRM

http://www.securityfocus.com/bid/42121

vdb-entryx_refsource_BID

http://lists.opensuse.org/opensuse-security-announce/2010...

vendor-advisoryx_refsource_SUSE

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Sep 3, 2010
Vulnerability Reserved
Apr 8, 2010

Novell

What is CVE-2010-1325?

References

Timeline