Cross Site Request Forgery (CSRF) Vulnerability in CloverDX Server Console Allows Remote Code Execution

Cross Site Request Forgery (CSRF) Vulnerability in CloverDX Server Console Allows Remote Code Execution

CVE-2021-29995 · HIGH Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

A Cross Site Request Forgery (CSRF) issue in Server Console in CloverDX through 5.9.0 allows remote attackers to execute any action as the logged-in user (including script execution). The issue is resolved in CloverDX 5.10, CloverDX 5.9.1, CloverDX 5.8.2, and CloverDX 5.7.1.

Learn more about our Cis Benchmark Audit For Server Software.