exploitDog

CVE-2019-13200

Опубликовано: 13 мар. 2020

Источник: nvd

CVSS3: 6.1

CVSS2: 4.3

EPSS Низкий

Описание

The web application of several Kyocera printers (such as the ECOSYS M5526cdw 2R7_2000.001.701) was affected by Reflected XSS. Successful exploitation of this vulnerability can lead to session hijacking of the administrator in the web application or the execution of unwanted actions.

Ссылки

https://www.nccgroup.trust/us/our-research/technical-advisory-multiple-vulnerabilities-in-kyocera-printers/
Third Party Advisory
https://www.nccgroup.trust/us/our-research/technical-advisory-multiple-vulnerabilities-in-kyocera-printers/
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

Одновременно

cpe:2.3:o:kyocera:ecosys_m5526cdw_firmware:2r7_2000.001.701:*:*:*:*:*:*:*

cpe:2.3:h:kyocera:ecosys_m5526cdw:-:*:*:*:*:*:*:*

EPSS

Процентиль: 15%

0.00048

Низкий

6.1 Medium

CVSS3

4.3 Medium

CVSS2

Дефекты

CWE-79

Связанные уязвимости

GHSA-rjp4-3jmg-764m

github

больше 3 лет назад

The web application of several Kyocera printers (such as the ECOSYS M5526cdw 2R7_2000.001.701) was affected by Reflected XSS. Successful exploitation of this vulnerability can lead to session hijacking of the administrator in the web application or the execution of unwanted actions.

EPSS

Процентиль: 15%

0.00048

Низкий

6.1 Medium

CVSS3

4.3 Medium

CVSS2

Дефекты

CWE-79