Описание
A Cross-Site Request Forgery issue was discovered in Belden Hirschmann GECKO Lite Managed switch, Version 2.0.00 and prior versions. The web application does not sufficiently verify that requests were provided by the user who submitted the request.
Ссылки
- MitigationThird Party AdvisoryUS Government Resource
- MitigationThird Party AdvisoryUS Government Resource
Уязвимые конфигурации
Конфигурация 1Версия до 2.0.00 (включая)
Одновременно
cpe:2.3:o:belden_hirschmann:gecko_lite_managed_switch_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:belden_hirschmann:gecko_lite_managed_switch:-:*:*:*:*:*:*:*
EPSS
Процентиль: 23%
0.00077
Низкий
7.1 High
CVSS3
5.8 Medium
CVSS2
Дефекты
CWE-352
CWE-352
Связанные уязвимости
CVSS3: 7.1
github
больше 3 лет назад
A Cross-Site Request Forgery issue was discovered in Belden Hirschmann GECKO Lite Managed switch, Version 2.0.00 and prior versions. The web application does not sufficiently verify that requests were provided by the user who submitted the request.
EPSS
Процентиль: 23%
0.00077
Низкий
7.1 High
CVSS3
5.8 Medium
CVSS2
Дефекты
CWE-352
CWE-352