exploitDog

GHSA-pp38-7c4c-8x3w

Опубликовано: 24 мая 2022

Источник: github

Github: Не прошло ревью

CVSS3: 7.4

Описание

One Identity Cloud Access Manager 8.1.3 does not use HTTP Strict Transport Security (HSTS), which may allow man-in-the-middle (MITM) attacks. This issue is fixed in version 8.1.4.

One Identity Cloud Access Manager 8.1.3 does not use HTTP Strict Transport Security (HSTS), which may allow man-in-the-middle (MITM) attacks. This issue is fixed in version 8.1.4.

Ссылки

EPSS

Процентиль: 81%

0.01492

Низкий

7.4 High

CVSS3

CVE ID

Дефекты

CWE-319

Связанные уязвимости

CVE-2019-13498

CVSS3: 7.4

nvd

больше 6 лет назад

One Identity Cloud Access Manager 8.1.3 does not use HTTP Strict Transport Security (HSTS), which may allow man-in-the-middle (MITM) attacks. This issue is fixed in version 8.1.4.

EPSS

Процентиль: 81%

0.01492

Низкий

7.4 High

CVSS3

CVE ID

Дефекты

CWE-319