VYPR
Unrated severityNVD Advisory· Published Feb 4, 2014· Updated Jun 16, 2026

CVE-2012-6493

CVE-2012-6493

Description

Cross-site request forgery (CSRF) vulnerability in Rapid7 Nexpose Security Console before 5.5.4 allows remote attackers to hijack the authentication of unspecified victims for requests that delete scan data and sites via a request to data/site/delete.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

16
  • Rapid7/Nexpose15 versions
    cpe:2.3:a:rapid7:nexpose:*:*:*:*:*:*:*:*+ 14 more
    • cpe:2.3:a:rapid7:nexpose:*:*:*:*:*:*:*:*range: <=5.5.3
    • cpe:2.3:a:rapid7:nexpose:5.4:*:*:*:*:*:*:*
    • cpe:2.3:a:rapid7:nexpose:5.4.1:*:*:*:*:*:*:*
    • cpe:2.3:a:rapid7:nexpose:5.4.10:*:*:*:*:*:*:*
    • cpe:2.3:a:rapid7:nexpose:5.4.11:*:*:*:*:*:*:*
    • cpe:2.3:a:rapid7:nexpose:5.4.12:*:*:*:*:*:*:*
    • cpe:2.3:a:rapid7:nexpose:5.4.2:*:*:*:*:*:*:*
    • cpe:2.3:a:rapid7:nexpose:5.4.3:*:*:*:*:*:*:*
    • cpe:2.3:a:rapid7:nexpose:5.4.4:*:*:*:*:*:*:*
    • cpe:2.3:a:rapid7:nexpose:5.4.5:*:*:*:*:*:*:*
    • cpe:2.3:a:rapid7:nexpose:5.4.6:*:*:*:*:*:*:*
    • cpe:2.3:a:rapid7:nexpose:5.4.7:*:*:*:*:*:*:*
    • cpe:2.3:a:rapid7:nexpose:5.4.8:*:*:*:*:*:*:*
    • cpe:2.3:a:rapid7:nexpose:5.4.9:*:*:*:*:*:*:*
    • cpe:2.3:a:rapid7:nexpose:5.5.1:*:*:*:*:*:*:*
  • Range: <5.5.4

Patches

Vulnerability mechanics

References

5

News mentions

0

No linked articles in our index yet.