CVE-2009-3759

moderate-risk
Published 2009-10-22

Multiple cross-site request forgery (CSRF) vulnerabilities in sample code in the XenServer Resource Kit in Citrix XenCenterWeb allow remote attackers to hijack the authentication of administrators for (1) requests that change the password via the username parameter to config/changepw.php or (2) stop a virtual machine via the stop_vmname parameter to hardstopvm.php. NOTE: some of these details are obtained from third party information.

Do I need to act?

~
1.7% chance of exploitation in next 30 days
EPSS score — moderate exploit probability
-
Not on CISA KEV list
No confirmed active exploitation reported to CISA
!
1 public exploit available
9106
?
Patch status unknown
Check vendor advisories for fix availability and mitigation guidance
8
CVSS 8.8/10 High
NETWORK / LOW complexity

Affected Products (1)

Affected Vendors

Citrix

References (14)

Broken Link http://securenetwork.it/ricerca/advisory/download/SN-2009-01.txt
Broken Link http://securitytracker.com/id?1022520
Exploit http://www.exploit-db.com/exploits/9106
Broken Link http://www.securityfocus.com/archive/1/504764
Broken Link http://www.securityfocus.com/bid/35592
Broken Link http://www.vupen.com/english/advisories/2009/1814
Third Party Advisory https://exchange.xforce.ibmcloud.com/vulnerabilities/51576
Broken Link http://securenetwork.it/ricerca/advisory/download/SN-2009-01.txt
Broken Link http://securitytracker.com/id?1022520
Exploit http://www.exploit-db.com/exploits/9106
Broken Link http://www.securityfocus.com/archive/1/504764
Broken Link http://www.securityfocus.com/bid/35592
Broken Link http://www.vupen.com/english/advisories/2009/1814
Third Party Advisory https://exchange.xforce.ibmcloud.com/vulnerabilities/51576
46
/ 100
moderate-risk
Severity 30/34 · Critical
Exploitability 11/34 · Low
Exposure 5/34 · Minimal