exploitDog

GHSA-45ff-cx94-f6g5

Опубликовано: 22 мая 2023

Источник: github

Github: Не прошло ревью

CVSS3: 7.5

Описание

Snap One OvrC Pro versions prior to 7.3 use HTTP connections when downloading a program from their servers. Because they do not use HTTPS, OvrC Pro devices are susceptible to exploitation.

Snap One OvrC Pro versions prior to 7.3 use HTTP connections when downloading a program from their servers. Because they do not use HTTPS, OvrC Pro devices are susceptible to exploitation.

Ссылки

EPSS

Процентиль: 12%

0.00041

Низкий

7.5 High

CVSS3

CVE ID

Дефекты

CWE-319

Связанные уязвимости

CVE-2023-31193

CVSS3: 7.5

nvd

больше 2 лет назад

Snap One OvrC Pro versions prior to 7.3 use HTTP connections when downloading a program from their servers. Because they do not use HTTPS, OvrC Pro devices are susceptible to exploitation.

EPSS

Процентиль: 12%

0.00041

Низкий

7.5 High

CVSS3

CVE ID

Дефекты

CWE-319