CVE-2024-45504
Description
A cross-site request forgery (CSRF) vulnerability in multiple Alps System Integration products and the OEM products allows a remote unauthenticated attacker to hijack the authentication of the user and to perform unintended operations if the user views a malicious page while logged in.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Cross-site request forgery in multiple Alps System Integration and OEM products allows attackers to perform unintended operations using a logged-in user's authenticated session.
Vulnerability Overview
CVE-2024-45504 is a cross-site request forgery (CSRF) vulnerability affecting multiple Alps System Integration products and their OEM counterparts [1]. The flaw, classified as CWE-352, allows an attacker to hijack the authentication of a logged-in user and perform unintended operations [1][3].
Exploitation
The vulnerability can be exploited remotely by an unauthenticated attacker who tricks a user already logged into the affected product's management console into visiting a malicious page [1][2]. No authentication is required for the attacker, but the victim must have an active session [3]. The CVSS vector (AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N) indicates low attack complexity and no privileges required, but user interaction is necessary [2][4].
Impact
Successful exploitation results in high integrity impact, as the attacker can perform arbitrary operations on the management console with the victim's privileges [2][4]. Confidentiality is not affected, and the overall severity is rated Medium (CVSS 6.5) [1][2].
Mitigation
Patches have been released for several products, including InterSafe GatewayConnection, CATS, MobileSecurity, MJS WebFiltering, AssetView F, and LANSCOPE EndpointManager WebFiltering [1][4]. Trend Micro's InterScan WebManager has patches for versions 9.0 and 9.1 [2]. Users are advised to update to the latest versions or apply workarounds as specified by vendors [1][2].
AI Insight generated on May 20, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Patches
No patches discovered yet.
References (4)
News mentions
No linked articles in our index yet.