exploitDog

GHSA-vxpp-m9vw-rjcx

Опубликовано: 03 фев. 2025

Источник: github

Github: Не прошло ревью

CVSS3: 4.2

Описание

PVWA (Password Vault Web Access) in CyberArk Privileged Access Manager Self-Hosted before 14.4 does not properly address environment issues that can contribute to Host header injection.

PVWA (Password Vault Web Access) in CyberArk Privileged Access Manager Self-Hosted before 14.4 does not properly address environment issues that can contribute to Host header injection.

Ссылки

EPSS

Процентиль: 5%

0.0002

Низкий

4.2 Medium

CVSS3

CVE ID

Дефекты

CWE-348

Связанные уязвимости

CVE-2024-54840

CVSS3: 4.2

nvd

около 1 года назад

PVWA (Password Vault Web Access) in CyberArk Privileged Access Manager Self-Hosted before 14.4 does not properly address environment issues that can contribute to Host header injection.

EPSS

Процентиль: 5%

0.0002

Низкий

4.2 Medium

CVSS3

CVE ID

Дефекты

CWE-348