CVE-2010-1325 SUSE CVE security@suse.de SUSE Security Team SUSE CVE-2010-1325 Interim 1 3 2021-06-09T08:54:19Z current 2021-05-30T12:51:09Z 2021-06-09T08:54:19Z cve-database/bin/generate-cvrf-cve.pl 2020-12-27T01:00:00Z CVE-2010-1325 Cross-site request forgery (CSRF) vulnerability in the apache2-slms package in SUSE Lifecycle Management Server (SLMS) 1.0 on SUSE Linux Enterprise (SLE) 11 allows remote attackers to hijack the authentication of unspecified victims via vectors related to improper parameter quoting. NOTE: some sources report that this is a vulnerability in a product named "Apache SLMS," but that is incorrect. The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). https://lists.opensuse.org/opensuse-security-announce/2010-08/msg00001.html E-Mail link for SUSE-SR:2010:014 https://www.suse.com/support/security/rating/ SUSE Security Ratings Cross-site request forgery (CSRF) vulnerability in the apache2-slms package in SUSE Lifecycle Management Server (SLMS) 1.0 on SUSE Linux Enterprise (SLE) 11 allows remote attackers to hijack the authentication of unspecified victims via vectors related to improper parameter quoting. NOTE: some sources report that this is a vulnerability in a product named "Apache SLMS," but that is incorrect. CVE-2010-1325 moderate 4.3 AV:N/AC:M/Au:N/C:N/I:P/A:N