exploitDog

GHSA-r846-97c8-mfhp

Опубликовано: 09 сент. 2022

Источник: github

Github: Не прошло ревью

CVSS3: 5.3

Описание

Cynet 360 Web Portal before v4.5 was discovered to allow attackers to access a list of monitored files and profiles via a crafted GET request sent to /WebApp/SettingsFileMonitor/GetFileMonitorProfiles.

Cynet 360 Web Portal before v4.5 was discovered to allow attackers to access a list of monitored files and profiles via a crafted GET request sent to /WebApp/SettingsFileMonitor/GetFileMonitorProfiles.

Ссылки

EPSS

Процентиль: 58%

0.00363

Низкий

5.3 Medium

CVSS3

CVE ID

Дефекты

CWE-287

Связанные уязвимости

CVE-2022-27968

CVSS3: 5.3

nvd

больше 3 лет назад

Cynet 360 Web Portal before v4.5 was discovered to allow attackers to access a list of monitored files and profiles via a crafted GET request sent to /WebApp/SettingsFileMonitor/GetFileMonitorProfiles.

EPSS

Процентиль: 58%

0.00363

Низкий

5.3 Medium

CVSS3

CVE ID

Дефекты

CWE-287