exploitDog

GHSA-rcvm-rqrr-gf3r

Опубликовано: 16 фев. 2022

Источник: github

Github: Не прошло ревью

CVSS3: 7.5

Описание

CobaltStrike <=4.5 HTTP(S) listener does not determine whether the request URL begins with "/", and attackers can obtain relevant information by specifying the URL.

CobaltStrike <=4.5 HTTP(S) listener does not determine whether the request URL begins with "/", and attackers can obtain relevant information by specifying the URL.

Ссылки

EPSS

Процентиль: 52%

0.0029

Низкий

7.5 High

CVSS3

CVE ID

Дефекты

CWE-668

Связанные уязвимости

CVE-2022-23317

CVSS3: 7.5

nvd

почти 4 года назад

CobaltStrike <=4.5 HTTP(S) listener does not determine whether the request URL begins with "/", and attackers can obtain relevant information by specifying the URL.

EPSS

Процентиль: 52%

0.0029

Низкий

7.5 High

CVSS3

CVE ID

Дефекты

CWE-668