CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2018-6496 – MFSBGN03809 rev.1 - Universal CMDB, Deserialization Java Objects and CSRF
https://notcve.org/view.php?id=CVE-2018-6496
Remote Cross-site Request forgery (CSRF) potential has been identified in UCMBD Browser version 4.10, 4.11, 4.12, 4.13, 4.14, 4.15, 4.15.1 which could allow for remote unsafe deserialization and cross-site request forgery (CSRF). Se ha identificado potencial para Cross-Site Request Forgery (CSRF) remoto en UCMBD Browser, en sus versiones 4.10, 4.11, 4.12, 4.13, 4.14, 4.15 y 4.15.1 que podría permitir la deserialización remota no segura y Cross-Site Request Forgery (CSRF). • http://www.securityfocus.com/bid/104483 http://www.securitytracker.com/id/1041139 https://softwaresupport.softwaregrp.com/document/-/facetsearch/document/KM03180066 • CWE-352: Cross-Site Request Forgery (CSRF) CWE-502: Deserialization of Untrusted Data •