exploitDog

CVE-2019-11641

Опубликовано: 01 мая 2019

Источник: nvd

CVSS3: 7.5

CVSS2: 5

EPSS Низкий

Описание

Anomali Agave (formerly Drupot) through 1.0.0 fails to avoid fingerprinting by including predictable data and minimal variation in size within HTML templates, giving attackers the ability to detect and avoid this system.

Ссылки

https://github.com/threatstream/agave/issues/1
Issue Tracking
Third Party Advisory
https://github.com/threatstream/agave/issues/1
Issue Tracking
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:anomali:agave:*:*:*:*:*:*:*:*

Версия до 1.0.0 (включая)

EPSS

Процентиль: 50%

0.00265

Низкий

7.5 High

CVSS3

5 Medium

CVSS2

Дефекты

CWE-330

Связанные уязвимости

GHSA-r8cf-4rjc-hxwg

CVSS3: 7.5

github

больше 3 лет назад

Anomali Agave (formerly Drupot) through 1.0.0 fails to avoid fingerprinting by including predictable data and minimal variation in size within HTML templates, giving attackers the ability to detect and avoid this system.

EPSS

Процентиль: 50%

0.00265

Низкий

7.5 High

CVSS3

5 Medium

CVSS2

Дефекты

CWE-330