exploitDog

CVE-2019-9596

Опубликовано: 23 окт. 2019

Источник: nvd

CVSS3: 6.5

CVSS2: 4.3

EPSS Низкий

Описание

Darktrace Enterprise Immune System before 3.1 allows CSRF via the /whitelisteddomains endpoint.

Ссылки

http://packetstormsecurity.com/files/152986/Darktrace-Enterpise-Immune-System-3.0.9-3.0.10-Cross-Site-Request-Forgery.html
Exploit
Third Party Advisory
VDB Entry
https://github.com/gerwout/CVE-2019-9596-and-CVE-2019-9597/blob/master/poc.html
Exploit
Third Party Advisory
https://seclists.org/bugtraq/2019/May/54
Exploit
Mailing List
Third Party Advisory
https://www.peerlyst.com/posts/exploiting-two-zero-days-in-a-darktrace-appliance-cve-2019-9596-and-cve-2019-9597-gerwout-van-der-veen
Exploit
Technical Description
Third Party Advisory
http://packetstormsecurity.com/files/152986/Darktrace-Enterpise-Immune-System-3.0.9-3.0.10-Cross-Site-Request-Forgery.html
Exploit
Third Party Advisory
VDB Entry
https://github.com/gerwout/CVE-2019-9596-and-CVE-2019-9597/blob/master/poc.html
Exploit
Third Party Advisory
https://seclists.org/bugtraq/2019/May/54
Exploit
Mailing List
Third Party Advisory
https://www.peerlyst.com/posts/exploiting-two-zero-days-in-a-darktrace-appliance-cve-2019-9596-and-cve-2019-9597-gerwout-van-der-veen
Exploit
Technical Description
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:darktrace:enterprise_immune_system:*:*:*:*:*:*:*:*

Версия до 3.1 (исключая)

EPSS

Процентиль: 84%

0.02074

Низкий

6.5 Medium

CVSS3

4.3 Medium

CVSS2

Дефекты

CWE-352

Связанные уязвимости

GHSA-667w-x292-xmxh

CVSS3: 6.5

github

больше 3 лет назад

Darktrace Enterprise Immune System before 3.1 allows CSRF via the /whitelisteddomains endpoint.

EPSS

Процентиль: 84%

0.02074

Низкий

6.5 Medium

CVSS3

4.3 Medium

CVSS2

Дефекты

CWE-352