CVE-2016-4506

Published: May 31, 2016Modified: May 6, 2026

8.0

Vector

CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H

Exploitability: 2.1 / Impact: 5.9

Source: NVD

Description

Cross-site request forgery (CSRF) vulnerability on Resource Data Management (RDM) Intuitive 650 TDB Controller devices before 2.1.24 allows remote authenticated users to hijack the authentication of arbitrary users.

Affected (1)

Products: Resourcedm: Intuitive 650 Tdb Controller

Resourcedm

1 product

Intuitive 650 Tdb Controller

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Resourcedm Intuitive 650 Tdb Controller	Up to 2.1

Related CWEs

CWE-352

Cross-Site Request Forgery (CSRF)

The web application does not, or can not, sufficiently verify whether a well-formed, valid, consistent request was intentionally provided by the user who submitted the request.

References (2)

https://ics-cert.us-cert.gov/advisories/ICSA-16-140-01

Source: ics-cert@hq.dhs.gov

Third Party AdvisoryUS Government Resource

https://ics-cert.us-cert.gov/advisories/ICSA-16-140-01

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party AdvisoryUS Government Resource

Timeline

No history available yet.