← Back

CVE-2015-3140

nvd nist
Published: Nov 21, 2019Modified: Nov 21, 2024

JSON object

Loading...
8.8
Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Exploitability: 2.8 / Impact: 5.9
Source: NVD

Description

Multiple cross-site request forgery (CSRF) vulnerabilities in Synametrics Technologies SynaMan before 3.5 Build 1451, Syncrify before 3.7 Build 856, and SynTail before 1.5 Build 567

Affected (100)

Synametrics
3 products
Synaman
Syncrify
Syntail
Configuration A
44 vulnerable
Vulnerable SoftwareAffected Versions
Synametrics
Synaman
Version 1.0 build786
Synaman
Version 1.0 build805
Synaman
Version 1.1 build972
Synaman
Version 2.0 build1185
Synaman
Version 2.1 build1202
Synaman
Version 2.2 build1205
Synaman
Version 2.2 build1246
Synaman
Version 2.3 build1259
Synaman
Version 2.3 build1261
Synaman
Version 2.4 build1272
Synaman
Version 2.5 build1282
Synaman
Version 2.5 build1289
Synaman
Version 2.5 build1291
Synaman
Version 2.5 build1302
Synaman
Version 2.5 build1303
Synaman
Version 2.5 build1304
Synaman
Version 2.5 build1310
Synaman
Version 2.5 build1313
Synaman
Version 2.5 build1314
Synaman
Version 2.5 build1316
Synaman
Version 2.5 build1318
Synaman
Version 2.5 build1321
Synaman
Version 2.5 build1322
Synaman
Version 2.5 build1324
Synaman
Version 2.5 build1325
Synaman
Version 2.6 build1328
Synaman
Version 2.7 build1337
Synaman
Version 2.7 build1341
Synaman
Version 2.7 build1342
Synaman
Version 3.0 build1358
Synaman
Version 3.0 build1363
Synaman
Version 3.0 build1365
Synaman
Version 3.1 build1380
Synaman
Version 3.1 build1382
Synaman
Version 3.1 build1384
Synaman
Version 3.1 build1386
Synaman
Version 3.2 build1393
Synaman
Version 3.2 build1394
Synaman
Version 3.2 build1398
Synaman
Version 3.3 build1418
Synaman
Version 3.3 build1425
Synaman
Version 3.3 build1430
Synaman
Version 3.4 build1434
Synaman
Version 3.4 build1444
Configuration B
52 vulnerable
Vulnerable SoftwareAffected Versions
Synametrics
Syncrify
Version 1.3 build352
Syncrify
Version 1.3 build369
Syncrify
Version 1.3 build372
Syncrify
Version 1.3 build375
Syncrify
Version 1.4 build379
Syncrify
Version 1.4 build393
Syncrify
Version 2.0 build413
Syncrify
Version 2.0 build415
Syncrify
Version 2.1 build420
Syncrify
Version 2.1 build422
Syncrify
Version 2.2 build429
Syncrify
Version 2.2 build432
Syncrify
Version 2.3 build443
Syncrify
Version 2.3 build444
Syncrify
Version 2.4 build459
Syncrify
Version 2.4 build463
Syncrify
Version 2.5 build473
Syncrify
Version 2.6 build510
Syncrify
Version 2.6 build517
Syncrify
Version 2.6 build522
Syncrify
Version 3.0 build580
Syncrify
Version 3.0 build591
Syncrify
Version 3.0 build596
Syncrify
Version 3.1 build614
Syncrify
Version 3.2 build629
Syncrify
Version 3.2 build630
Syncrify
Version 3.2 build633
Syncrify
Version 3.2 build638
Syncrify
Version 3.2 build649
Syncrify
Version 3.3 build682
Syncrify
Version 3.3 build688
Syncrify
Version 3.3 build693
Syncrify
Version 3.3 build696
Syncrify
Version 3.3 build700
Syncrify
Version 3.3 build704
Syncrify
Version 3.4 build725
Syncrify
Version 3.4 build735
Syncrify
Version 3.4 build741
Syncrify
Version 3.4 build749
Syncrify
Version 3.5 build778
Syncrify
Version 3.5 build781
Syncrify
Version 3.6 build800
Syncrify
Version 3.6 build809
Syncrify
Version 3.6 build812
Syncrify
Version 3.6 build813
Syncrify
Version 3.6 build814
Syncrify
Version 3.6 build823
Syncrify
Version 3.6 build828
Syncrify
Version 3.7 build833
Syncrify
Version 3.7 build834
Syncrify
Version 3.7 build844
Syncrify
Version 3.7 build850
Configuration C
4 vulnerable
Vulnerable SoftwareAffected Versions
Synametrics
Syntail
Version 1.0 build420
Syntail
Version 1.1 build429
Syntail
Version 1.2 build445
Syntail
Version 1.5 build561

Related CWEs

CWE-352
Cross-Site Request Forgery (CSRF)
The web application does not, or can not, sufficiently verify whether a well-formed, valid, consistent request was intentionally provided by the user who submitted the request.

References (6)

Source: cve@mitre.org
MitigationRelease NotesVendor Advisory
Source: cve@mitre.org
MitigationRelease NotesVendor Advisory
Source: cve@mitre.org
MitigationRelease NotesVendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
MitigationRelease NotesVendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
MitigationRelease NotesVendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
MitigationRelease NotesVendor Advisory

Timeline

No history available yet.