CVE-2016-7067

Опубликовано: 10 сент. 2018

Источник: nvd

CVSS3: 6.5

CVSS2: 4.3

EPSS Низкий

Описание

Monit before version 5.20.0 is vulnerable to a cross site request forgery attack. Successful exploitation will enable an attacker to disable/enable all monitoring for a particular host or disable/enable monitoring for a specific service.

Ссылки

http://www.securityfocus.com/bid/93953
Third Party Advisory
VDB Entry
https://bitbucket.org/tildeslash/monit/commits/c6ec3820e627f85417053e6336de2987f2d863e3?at=master
Exploit
Third Party Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-7067
Issue Tracking
Third Party Advisory
https://seclists.org/oss-sec/2016/q4/267
Mailing List
Third Party Advisory
http://www.securityfocus.com/bid/93953
Third Party Advisory
VDB Entry
https://bitbucket.org/tildeslash/monit/commits/c6ec3820e627f85417053e6336de2987f2d863e3?at=master
Exploit
Third Party Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-7067
Issue Tracking
Third Party Advisory
https://seclists.org/oss-sec/2016/q4/267
Mailing List
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:mmonit:monit:*:*:*:*:*:*:*:*

Версия до 5.20.0 (исключая)

EPSS

Процентиль: 42%

0.00204

Низкий

6.5 Medium

CVSS3

6.5 Medium

CVSS3

4.3 Medium

CVSS2

Дефекты

CWE-352

Связанные уязвимости

CVE-2016-7067

CVSS3: 6.5

ubuntu

больше 7 лет назад

CVE-2016-7067

CVSS3: 6.5

debian

больше 7 лет назад

Monit before version 5.20.0 is vulnerable to a cross site request forg ...

GHSA-62rw-754v-xcw2

CVSS3: 6.5

github

больше 3 лет назад

openSUSE-SU-2016:2877-1

suse-cvrf

около 9 лет назад

Security update for monit

EPSS

Процентиль: 42%

0.00204

Низкий

6.5 Medium

CVSS3

6.5 Medium

CVSS3

4.3 Medium

CVSS2

Дефекты

CWE-352