CVE-2008-1106

NONECVSS 0.0

0.0

The management interface in Akamai Client (formerly Red Swoosh) 3322 and earlier allows remote attackers to bypass authentication via an HTTP request that contains (1) no Referer header, or (2) a spoofed Referer header that matches an approved domain, which allows remote attackers to conduct cross-site request forgery (CSRF) attacks and force the client to download and execute arbitrary files.

🔗 References (16)

PSIRT-CNA@flexerasoftwarehttp://secunia.com/advisories/30135
PSIRT-CNA@flexerasoftwarehttp://secunia.com/secunia_research/2008-19/advisory/
PSIRT-CNA@flexerasoftwarehttp://securityreason.com/securityalert/3930
PSIRT-CNA@flexerasoftwarehttp://www.securityfocus.com/archive/1/493169/100/0/threaded
PSIRT-CNA@flexerasoftwarehttp://www.securityfocus.com/archive/1/493170/100/0/threaded
PSIRT-CNA@flexerasoftwarehttp://www.securitytracker.com/id?1020208
PSIRT-CNA@flexerasoftwarehttp://www.vupen.com/english/advisories/2008/1761/references
PSIRT-CNA@flexerasoftwarehttps://exchange.xforce.ibmcloud.com/vulnerabilities/42895
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/30135
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/secunia_research/2008-19/advisory/
af854a3a-2127-422b-91ae-364da2661108http://securityreason.com/securityalert/3930
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/archive/1/493169/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/archive/1/493170/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108http://www.securitytracker.com/id?1020208
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2008/1761/references

Is Your Infrastructure Affected by CVE-2008-1106?

EchelonGraph automatically scans your cloud infrastructure and maps CVE exposure using blast radius analysis.

Start Free Scan →Browse All CVEs

CVE-2008-1106

📅 Published

🔄 Last Modified

🔗 References (16)

Dependency Blast Radius

Is Your Infrastructure Affected by CVE-2008-1106?