KLA10331
SB vulnerability in Snare
Updated: 06/01/2019
Detect date
?
07/02/2010
Severity
?
High
Description

A CSRF vulnerability was found in Snare. By exploiting this vulnerability malicious users can hijack administrator auth. This vulnerability can be exploited remotely.

Affected products

InterSect Alliance Snare Agent versions 3.2.3 and earlier for Solaris
InterSect Alliance Snare Agent versions 3.1.7 and earlier for Windows
InterSect Alliance Snare Agent versions 1.5.0 and earlier for Linux and AIX
InterSect Alliance Snare Agent versions 1.4 and earlier for IRIX
InterSect Alliance Snare Epilog versions 1.5.3 and earlier for Windows
InterSect Alliance Snare Epilog versions 1.2 and earlier for UNIX 

Solution

Update to latest version

Impacts
?
SB 
[?]
CVE-IDS
?