Описание
A Server-Side Request Forgery issue was discovered in Belden Hirschmann GECKO Lite Managed switch, Version 2.0.00 and prior versions. The web server receives a request, but does not sufficiently verify that the request is being sent to the expected destination.
Ссылки
- MitigationThird Party AdvisoryUS Government Resource
- MitigationThird Party AdvisoryUS Government Resource
Уязвимые конфигурации
Конфигурация 1Версия до 2.0.00 (включая)
Одновременно
cpe:2.3:o:belden_hirschmann:gecko_lite_managed_switch_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:belden_hirschmann:gecko_lite_managed_switch:-:*:*:*:*:*:*:*
EPSS
Процентиль: 36%
0.00152
Низкий
6.5 Medium
CVSS3
4.3 Medium
CVSS2
Дефекты
CWE-918
CWE-918
Связанные уязвимости
CVSS3: 6.5
github
больше 3 лет назад
A Server-Side Request Forgery issue was discovered in Belden Hirschmann GECKO Lite Managed switch, Version 2.0.00 and prior versions. The web server receives a request, but does not sufficiently verify that the request is being sent to the expected destination.
EPSS
Процентиль: 36%
0.00152
Низкий
6.5 Medium
CVSS3
4.3 Medium
CVSS2
Дефекты
CWE-918
CWE-918