Date published: 2015-04-21T11:59:00.090-04:00
Date last modified: 2016-04-07T09:37:59.197-04:00
CVSS Score: 6.8
Principal attack vector: NETWORK
Reference URL: http://packetstormsecurity.com/files/131496/Landesk-Management-Suite-9.5-RFI-CSRF.html
Summary: Multiple cross-site request forgery (CSRF) vulnerabilities in Landesk Management Suite 9.6 and earlier allow remote attackers to hijack the authentication of administrators for requests that (1) start, (2) stop, or (3) restart services via a request to remote/serverServices.aspx.