Описание
Cross-site request forgery (CSRF) vulnerability in the web application on Omron NS5, NS8, NS10, NS12, and NS15 HMI terminals 8.1xx through 8.68x allows remote authenticated users to hijack the authentication of unspecified victims via unknown vectors.
Ссылки
- Third Party AdvisoryUS Government Resource
Уязвимые конфигурации
Конфигурация 1
Одновременно
Одно из
cpe:2.3:o:omron:ns_series_system_program_firmware:8.1:*:*:*:*:*:*:*
cpe:2.3:o:omron:ns_series_system_program_firmware:8.68:*:*:*:*:*:*:*
Одно из
cpe:2.3:h:omron:ns10_hmi_terminal:-:*:*:*:*:*:*:*
cpe:2.3:h:omron:ns12_hmi_terminal:-:*:*:*:*:*:*:*
cpe:2.3:h:omron:ns15_hmi_terminal:-:*:*:*:*:*:*:*
cpe:2.3:h:omron:ns5_hmi_terminal:-:*:*:*:*:*:*:*
cpe:2.3:h:omron:ns8_hmi_terminal:-:*:*:*:*:*:*:*
EPSS
Процентиль: 21%
0.00067
Низкий
4.6 Medium
CVSS2
6 Medium
CVSS2
Дефекты
CWE-352
CWE-352
Связанные уязвимости
github
больше 3 лет назад
Cross-site request forgery (CSRF) vulnerability in the web application on Omron NS5, NS8, NS10, NS12, and NS15 HMI terminals 8.1xx through 8.68x allows remote authenticated users to hijack the authentication of unspecified victims via unknown vectors.
EPSS
Процентиль: 21%
0.00067
Низкий
4.6 Medium
CVSS2
6 Medium
CVSS2
Дефекты
CWE-352
CWE-352