CVE-2017-7556

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2017-7556

Import Source

https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2017-7556.json

JSON Data

https://api.test.osv.dev/v1/vulns/CVE-2017-7556

Aliases

GHSA-q4q2-fvwf-6ghv

Published

2017-08-17T19:29:00.270Z

Modified

2025-11-14T05:17:51.283135Z

Severity

8.8 (High) CVSS_V3 - CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVSS Calculator

Summary

[none]

Details

Hawtio versions up to and including 1.5.3 are vulnerable to CSRF vulnerability allowing remote attackers to trick the user to visit their website containing a malicious script which can be submitted to hawtio server on behalf of the user.

References

Affected packages

Git / github.com/hawtio/hawtio

Affected ranges

Type: GIT
Repo: https://github.com/hawtio/hawtio
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Last affected

c138304d93074eb6c403f4e382d63b9c9126004d

Affected versions

hawtio-1.*

hawtio-1.0

hawtio-1.1-SNAPSHOT

hawtio-1.2-M10

hawtio-1.2-M11

hawtio-1.2-M12

hawtio-1.2-M13

hawtio-1.2-M14

hawtio-1.2-M15

hawtio-1.2-M16

hawtio-1.2-M17

hawtio-1.2-M18

hawtio-1.2-M19

hawtio-1.2-M2

hawtio-1.2-M20

hawtio-1.2-M21

hawtio-1.2-M22

hawtio-1.2-M23

hawtio-1.2-M24

hawtio-1.2-M25

hawtio-1.2-M26

hawtio-1.2-M27

hawtio-1.2-M3

hawtio-1.2-M4

hawtio-1.2-M5

hawtio-1.2-M6

hawtio-1.2-M7

hawtio-1.2-M8

hawtio-1.2-M9

hawtio-1.2-SNAPSHOT

hawtio-1.2.0

hawtio-1.2.1

hawtio-1.2.2

hawtio-1.2.3

hawtio-1.3.0

hawtio-1.3.1

hawtio-1.4.0

hawtio-1.4.1

hawtio-1.4.10

hawtio-1.4.11

hawtio-1.4.12

hawtio-1.4.14

hawtio-1.4.15

hawtio-1.4.16

hawtio-1.4.17

hawtio-1.4.18

hawtio-1.4.19

hawtio-1.4.2

hawtio-1.4.20

hawtio-1.4.21

hawtio-1.4.22

hawtio-1.4.23

hawtio-1.4.24

hawtio-1.4.25

hawtio-1.4.26

hawtio-1.4.27

hawtio-1.4.28

hawtio-1.4.29

hawtio-1.4.3

hawtio-1.4.30

hawtio-1.4.31

hawtio-1.4.32

hawtio-1.4.33

hawtio-1.4.34

hawtio-1.4.35

hawtio-1.4.36

hawtio-1.4.37

hawtio-1.4.38

hawtio-1.4.39

hawtio-1.4.4

hawtio-1.4.40

hawtio-1.4.41

hawtio-1.4.42

hawtio-1.4.43

hawtio-1.4.44

hawtio-1.4.45

hawtio-1.4.46

hawtio-1.4.47

hawtio-1.4.48

hawtio-1.4.49

hawtio-1.4.5

hawtio-1.4.50

hawtio-1.4.51

hawtio-1.4.52

hawtio-1.4.53

hawtio-1.4.54

hawtio-1.4.55

hawtio-1.4.56

hawtio-1.4.57

hawtio-1.4.58

hawtio-1.4.59

hawtio-1.4.6

hawtio-1.4.60

hawtio-1.4.61

hawtio-1.4.62

hawtio-1.4.63

hawtio-1.4.64

hawtio-1.4.65

hawtio-1.4.66

hawtio-1.4.67

hawtio-1.4.68

hawtio-1.4.7

hawtio-1.4.8

hawtio-1.4.9

hawtio-1.5.0

hawtio-1.5.1

hawtio-1.5.2

hawtio-1.5.3

project-2.*

project-2.0.0

v0.*

v0.1

Database specific

source

"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2017-7556.json"