High severity8.8NVD Advisory· Published Mar 20, 2018· Updated Jun 17, 2026
CVE-2014-1457
CVE-2014-1457
Description
Open Web Analytics (OWA) before 1.5.6 improperly generates random nonce values, which makes it easier for remote attackers to bypass a CSRF protection mechanism by leveraging knowledge of an OWA user name.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2<1.5.6+ 1 more
- (no CPE)range: <1.5.6
- (no CPE)range: <1.5.6
Patches
Vulnerability mechanics
References
4- www.secureworks.com/research/swrx-2014-006nvdExploitThird Party Advisory
- www.openwebanalytics.comnvdVendor Advisory
- www.securityfocus.com/bid/65573nvdThird Party AdvisoryVDB Entry
- exchange.xforce.ibmcloud.com/vulnerabilities/91125nvdThird Party AdvisoryVDB Entry
News mentions
0No linked articles in our index yet.