CSRF Vulnerability in Samba Web Administration Tool (SWAT) Allows Authentication Hijacking

CSRF Vulnerability in Samba Web Administration Tool (SWAT) Allows Authentication Hijacking

CVE-2013-0214 · MEDIUM Severity

AV:N/AC:H/AU:N/C:P/I:P/A:P

Cross-site request forgery (CSRF) vulnerability in the Samba Web Administration Tool (SWAT) in Samba 3.x before 3.5.21, 3.6.x before 3.6.12, and 4.x before 4.0.2 allows remote attackers to hijack the authentication of arbitrary users by leveraging knowledge of a password and composing requests that perform SWAT actions.

Learn more about our Web App Pen Testing.