Hijacking Authenticated User Actions with CSRF
CVE-2024-45504

Currently unrated

Key Information:

Vendor

Alps System Integration Co., Ltd.

Status
Intersafe Webfilter
Intersafe Logdirector
Intersafe Gatewayconnection
Intersafe Lognavigator
Vendor
CVE Published:
10 September 2024

What is CVE-2024-45504?

Cross-site request forgery (CSRF) vulnerability in multiple Alps System Integration products and the OEM products allow a remote unauthenticated attacker to hijack the authentication of the user and to perform unintended operations if the user views a malicious page while logged in.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

AssetView F versions before 2024 July 4 maintenance

InterSafe CATS versions before 2024 July 4 maintenance

InterSafe GatewayConnection versions before 2024 July 20 maintenance

References

https://alsifaq.dga.jp/faq_detail.html?id=6494
https://success.trendmicro.com/ja-JP/solution/KA-0017618
https://www.motex.co.jp/news/notice/2024/release240909/

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.