Описание
Rapid7 InsightVM suffers from an information exposure issue whereby, when the user's session has ended due to inactivity, an attacker can use the Inspect Element browser feature to remove the login panel and view the details available in the last webpage visited by previous user
Ссылки
- Vendor Advisory
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 6.6.160 (включая)
cpe:2.3:a:rapid7:insightvm:*:*:*:*:*:*:*:*
EPSS
Процентиль: 33%
0.00133
Низкий
3.3 Low
CVSS3
5.3 Medium
CVSS3
Дефекты
CWE-200
CWE-613
Связанные уязвимости
CVSS3: 5.3
github
больше 3 лет назад
Rapid7 InsightVM suffers from an information exposure issue whereby, when the user's session has ended due to inactivity, an attacker can use the Inspect Element browser feature to remove the login panel and view the details available in the last webpage visited by previous user
EPSS
Процентиль: 33%
0.00133
Низкий
3.3 Low
CVSS3
5.3 Medium
CVSS3
Дефекты
CWE-200
CWE-613