CVE-2008-2140: CSRF
Published May 12, 2008
·Updated
Cross-site request forgery (CSRF) vulnerability in the rootpw plugin in rPath Appliance Platform Agent 2 and 3 allows remote attackers to reset the root password as the administrator via a crafted URL.
Affected Software
2 affected components
rPath Appliance Platform Agent=3
rPath Appliance Platform Agent=2
Event History
May 12, 2008
CVE Published
via MITRE·05:00 PM
Data Sourced
via MITRE·05:00 PM
Description
Frequently Asked Questions
1
What is the severity of CVE-2008-2140?
CVE-2008-2140 is considered a high-severity vulnerability due to its potential to allow attackers to reset the root password.
2
How do I fix CVE-2008-2140?
To fix CVE-2008-2140, update the rPath Appliance Platform Agent to the latest version that has patched this vulnerability.
3
What software is affected by CVE-2008-2140?
CVE-2008-2140 affects rPath Appliance Platform Agent versions 2 and 3.
4
What type of vulnerability is CVE-2008-2140?
CVE-2008-2140 is a Cross-site request forgery (CSRF) vulnerability.
5
What can attackers do with CVE-2008-2140?
Attackers can exploit CVE-2008-2140 to reset the root password on the affected systems.