CyberSec.Space Logo
Back to CVE Browser

CVE-2014-7198

HIGH
8.8
CVSS Severity Score
EPSS Score0.0540%
EPSS Percentile16.32th
PublishedApr 1, 2019
Last ModifiedNov 21, 2024

Vulnerability Description

OMERO before 5.0.6 has multiple CSRF vulnerabilities because the framework for OMERO's web interface lacks CSRF protection.

Affected Platforms (CPE)

πŸ“¦
Openmicroscopy

Omero

< 5.0.6

References & Advisories

πŸ”— http://lists.openmicroscopy.org.uk/pipermail/ome-users/2014-November/004871.html
πŸ”— https://www.openmicroscopy.org/security/advisories/2014-SV3-csrf/
πŸ”— http://lists.openmicroscopy.org.uk/pipermail/ome-users/2014-November/004871.html
πŸ”— https://www.openmicroscopy.org/security/advisories/2014-SV3-csrf/

Related Vulnerabilities

CVE-2017-10004388.3

In OMERO 5.3.3 or earlier a user could create an OriginalFile and adjust its path such that it now points to another user's file o...

CVE-2019-99437.5

In ome.services.graphs.GraphTraversal.findObjectDetails in Open Microscopy Environment OMERO.server 5.1.0 through 5.6.0, permissio...

CVE-2019-99447.5

In Open Microscopy Environment OMERO.server 5.0.0 through 5.6.0, the reading of files from imported image filesets may circumvent ...

CVE-2019-162455.3

OMERO before 5.6.1 makes the details of each user available to all users.