Описание
The Interactive Advertising Bureau (IAB) OpenRTB 2.3 protocol implementation might allow remote attackers to conceal the status of ad transactions and potentially compromise bid integrity by leveraging failure to limit the time between bid responses and impression notifications, aka the Amnesia Bug.
Ссылки
- ExploitMitigationThird Party Advisory
- ExploitMitigationThird Party Advisory
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:iab:open_real-time_bidding:2.3:*:*:*:*:*:*:*
EPSS
Процентиль: 50%
0.0027
Низкий
7.5 High
CVSS3
5 Medium
CVSS2
Дефекты
CWE-264
Связанные уязвимости
CVSS3: 7.5
github
больше 3 лет назад
The Interactive Advertising Bureau (IAB) OpenRTB 2.3 protocol implementation might allow remote attackers to conceal the status of ad transactions and potentially compromise bid integrity by leveraging failure to limit the time between bid responses and impression notifications, aka the Amnesia Bug.
EPSS
Процентиль: 50%
0.0027
Низкий
7.5 High
CVSS3
5 Medium
CVSS2
Дефекты
CWE-264