exploitDog

CVE-2015-7910

Опубликовано: 19 нояб. 2015

Источник: nvd

CVSS2: 7.8

EPSS Низкий

Описание

Exemys Telemetry Web Server relies on an HTTP Location header to indicate that a client is unauthorized, which allows remote attackers to bypass intended access restrictions by disregarding this header and processing the response body.

Ссылки

https://ics-cert.us-cert.gov/advisories/ICSA-15-321-01
Third Party Advisory
US Government Resource
https://ics-cert.us-cert.gov/advisories/ICSA-15-321-01
Third Party Advisory
US Government Resource

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:exemys:telemetry_web_server:*:*:*:*:*:*:*:*

EPSS

Процентиль: 50%

0.00265

Низкий

7.8 High

CVSS2

Дефекты

CWE-200

Связанные уязвимости

GHSA-q5jg-rmvf-mrxc

github

больше 3 лет назад

Exemys Telemetry Web Server relies on an HTTP Location header to indicate that a client is unauthorized, which allows remote attackers to bypass intended access restrictions by disregarding this header and processing the response body.

EPSS

Процентиль: 50%

0.00265

Низкий

7.8 High

CVSS2

Дефекты

CWE-200