cpe:/h:apc:network_management_card cpe:/h:apc:switched_rack_pdu CVE-2009-1797 2009-12-28T14:30:00.233-05:00 2010-06-29T00:00:00.000-04:00 6.8 NETWORK MEDIUM NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2009-12-29T09:01:00.000-05:00 ALLOWS_OTHER_ACCESS SECUNIA 37744 CERT-VN VU#166739 MISC http://holisticinfosec.org/content/view/111/45/ CONFIRM http://nam-en.apc.com/cgi-bin/nam_en.cfg/php/enduser/std_adp.php?p_faqid=10887 Multiple cross-site request forgery (CSRF) vulnerabilities on the Network Management Card (NMC) on American Power Conversion (APC) Switched Rack PDU (aka Rack Mount Power Distribution) devices and other devices allow remote attackers to hijack the authentication of (1) administrator or (2) device users for requests that create new administrative users or have unspecified other impact.