• 网络与数据中心管理
  • 服务器与应用性能管理
  • IT服务管理
  • Windows AD域管理
  • 终端管理
  • IT安全
  • MSP
  • IT运维平台
 
 
应用性能管理(APM)
保证物理、虚拟、云环境的应用性能
 
 
简化终端设备管理
全面管控PC计算机、智能手机以及平板电脑,确保网络安全
 
 
IT运维外包服务工具
多租户模式,为您的客户提供更好的服务
IT运维管理平台
统一监控、集中运维
 

Security Updates on Vulnerabilities

CVE-2014-9331 - "Cross-Site Request Forgery (CSRF) Attack"

This document will explain you about the Cross-Site Request Forgery (CSRF) attack. Attackers were able to create administrator accounts, from browsers, where an authenticated Desktop Central user has logged on.

Vulnerability ID : CVE-2014-9331
Update Released Build : 90130
Update Release Date : Jan 30th 2015


What was the Problem?

If the attackers happen to gain access to a web browser, where an authenticated Desktop Central user has previously logged on, then they were able to perform the "Cross-Site Request Forgery Attack" in order to create Desktop Central administrator accounts.

How do I fix it?

This has been identified and fixed, in the Desktop Central build # 90130. Upgrade to the latest build for this issue to be fixed.

Keywords: Security Updates, Vulnerabilities and Fixes, Adminitstrator account creation, CVE-2014-9331, CSRF

我们的客户

展开