Описание
WebConnect 6.5, 6.4.4, and possibly earlier versions allows remote attackers to cause a denial of service (hang) via a URL containing an MS-DOS device name such as (1) AUX, (2) CON, (3) PRN, (4) COM1, or (5) LPT1.
Ссылки
- PatchVendor Advisory
- Vendor Advisory
- PatchThird Party AdvisoryUS Government Resource
- PatchThird Party AdvisoryUS Government Resource
- PatchVendor Advisory
- Vendor Advisory
- PatchThird Party AdvisoryUS Government Resource
- PatchThird Party AdvisoryUS Government Resource
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:openconnect:webconnect:6.4.4:*:*:*:*:*:*:*
cpe:2.3:a:openconnect:webconnect:6.5:*:*:*:*:*:*:*
EPSS
Процентиль: 92%
0.08687
Низкий
5 Medium
CVSS2
Дефекты
NVD-CWE-Other
Связанные уязвимости
github
больше 3 лет назад
WebConnect 6.5, 6.4.4, and possibly earlier versions allows remote attackers to cause a denial of service (hang) via a URL containing an MS-DOS device name such as (1) AUX, (2) CON, (3) PRN, (4) COM1, or (5) LPT1.
EPSS
Процентиль: 92%
0.08687
Низкий
5 Medium
CVSS2
Дефекты
NVD-CWE-Other