Описание
Sphinx Technologies Sphinx 3.1.1 by default has no authentication and listens on 0.0.0.0, making it exposed to the internet (unless filtered by a firewall or reconfigured to listen to 127.0.0.1 only).
Ссылки
- Vendor Advisory
- ExploitThird Party Advisory
- Release Notes
- Vendor Advisory
- ExploitThird Party Advisory
- Release Notes
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:sphinxsearch:sphinx:3.1.1:*:*:*:*:*:*:*
EPSS
Процентиль: 73%
0.00754
Низкий
7.5 High
CVSS3
5 Medium
CVSS2
Дефекты
CWE-306
Связанные уязвимости
CVSS3: 7.5
ubuntu
больше 6 лет назад
Sphinx Technologies Sphinx 3.1.1 by default has no authentication and listens on 0.0.0.0, making it exposed to the internet (unless filtered by a firewall or reconfigured to listen to 127.0.0.1 only).
CVSS3: 7.5
debian
больше 6 лет назад
Sphinx Technologies Sphinx 3.1.1 by default has no authentication and ...
CVSS3: 7.5
github
больше 3 лет назад
Sphinx Technologies Sphinx 3.1.1 by default has no authentication and listens on 0.0.0.0, making it exposed to the internet (unless filtered by a firewall or reconfigured to listen to 127.0.0.1 only).
EPSS
Процентиль: 73%
0.00754
Низкий
7.5 High
CVSS3
5 Medium
CVSS2
Дефекты
CWE-306