CVE-2014-1990

Currently unrated

Key Information:

Vendor: Toshiba
Status: E-studio-282; E-studio-283; E-studio-232; E-studio-233
Vendor: CVE Published:; 19 April 2014

Summary

Cross-site request forgery (CSRF) vulnerability in TopAccess (aka the web-based management utility) on TOSHIBA TEC e-Studio 232, 233, 282, and 283 devices allows remote attackers to hijack the authentication of administrators for requests that change passwords.

References

http://www.toshibatec.co.jp/page.jsp?id=4224

x_refsource_CONFIRM

http://jvndb.jvn.jp/jvndb/JVNDB-2014-000038

third-party-advisoryx_refsource_JVNDB

http://jvn.jp/en/jp/JVN13313061/index.html

third-party-advisoryx_refsource_JVN

Timeline

Vulnerability published
Apr 19, 2014
Vulnerability Reserved
Feb 17, 2014