exploitDog

GHSA-m4f3-xvj4-9r9f

Опубликовано: 21 июн. 2023

Источник: github

Github: Не прошло ревью

CVSS3: 7.5

Описание

An access control issue in Makves DCAP v3.0.0.122 allows unauthenticated attackers to obtain cleartext credentials via a crafted web request to the product API.

An access control issue in Makves DCAP v3.0.0.122 allows unauthenticated attackers to obtain cleartext credentials via a crafted web request to the product API.

Ссылки

EPSS

Процентиль: 28%

0.001

Низкий

7.5 High

CVSS3

CVE ID

Дефекты

CWE-312

Связанные уязвимости

CVE-2023-27243

CVSS3: 7.5

nvd

больше 2 лет назад

An access control issue in Makves DCAP v3.0.0.122 allows unauthenticated attackers to obtain cleartext credentials via a crafted web request to the product API.

EPSS

Процентиль: 28%

0.001

Низкий

7.5 High

CVSS3

CVE ID

Дефекты

CWE-312