exploitDog

GHSA-cfw8-mqxq-pp4x

Опубликовано: 30 апр. 2025

Источник: github

Github: Не прошло ревью

CVSS4: 2.1

CVSS3: 2.6

Описание

Unverified Password Change for ANC software that allows an authenticated attacker to bypass the old Password check in the password change form via a web HMI This issue affects ANC software version 1.1.4 and earlier.

Unverified Password Change for ANC software that allows an authenticated attacker to bypass the old Password check in the password change form via a web HMI This issue affects ANC software version 1.1.4 and earlier.

Ссылки

EPSS

Процентиль: 5%

0.00021

Низкий

2.1 Low

CVSS4

2.6 Low

CVSS3

CVE ID

Дефекты

CWE-620

Связанные уязвимости

CVE-2024-47784

CVSS3: 2.6

nvd

9 месяцев назад

Unverified Password Change for ANC software that allows an authenticated attacker to bypass the old Password check in the password change form via a web HMI This issue affects ANC software version 1.1.4 and earlier.

EPSS

Процентиль: 5%

0.00021

Низкий

2.1 Low

CVSS4

2.6 Low

CVSS3

CVE ID

Дефекты

CWE-620