VYPR
Unrated severityNVD Advisory· Published Mar 22, 2024· Updated Aug 12, 2024

LoadMaster Cross-Site Request Forgery (CSRF)

CVE-2024-2449

Description

A cross-site request forgery vulnerability has been identified in LoadMaster.  It is possible for a malicious actor, who has prior knowledge of the IP or hostname of a specific LoadMaster, to direct an authenticated LoadMaster administrator to a third-party site. In such a scenario, the CSRF payload hosted on the malicious site would execute HTTP transactions on behalf of the LoadMaster administrator.

Affected products

2

Patches

Vulnerability mechanics

References

2

News mentions

0

No linked articles in our index yet.