Описание
HedEx Earlier than V200R006C00 versions has a cross-site request forgery (CSRF) vulnerability. An attacker could trick a user into accessing a website containing malicious scripts which may tamper with configurations and interrupt normal services.
Ссылки
- Issue TrackingVendor Advisory
- Issue TrackingVendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия до v200r006c00 (исключая)
cpe:2.3:a:huawei:hedex_lite:*:*:*:*:*:*:*:*
EPSS
Процентиль: 19%
0.00062
Низкий
8.8 High
CVSS3
6.8 Medium
CVSS2
Дефекты
CWE-352
Связанные уязвимости
CVSS3: 8.8
github
больше 3 лет назад
HedEx Earlier than V200R006C00 versions has a cross-site request forgery (CSRF) vulnerability. An attacker could trick a user into accessing a website containing malicious scripts which may tamper with configurations and interrupt normal services.
EPSS
Процентиль: 19%
0.00062
Низкий
8.8 High
CVSS3
6.8 Medium
CVSS2
Дефекты
CWE-352