Cross-Site Request Forgery Vulnerability in Motorola Solutions MOSCAD IP Gateway
CVE-2015-7936

7.5HIGH

Key Information:

Vendor: Motorola
Status: Moscad Ip Gateway Firmware
Vendor: CVE Published:; 23 December 2015

What is CVE-2015-7936?

The vulnerability in the MOSCAD IP Gateway from Motorola Solutions exposes administrators to potential authentication hijacking through a cross-site request forgery (CSRF) attack. This can allow remote attackers to execute unauthorized actions on behalf of the authenticated user, particularly in modifying passwords without their consent, leading to further security breaches and unauthorized access.

References

https://ics-cert.us-cert.gov/advisories/ICSA-15-351-02

x_refsource_MISC

http://www.securityfocus.com/bid/79624

vdb-entryx_refsource_BID

CVSS V3.1

Score:

7.5

Severity:

HIGH

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Dec 23, 2015
Vulnerability Reserved
Oct 22, 2015