Описание
blackbox_exporter v0.23.0 was discovered to contain an access control issue in its probe interface. This vulnerability allows attackers to detect intranet ports and services, as well as download resources. NOTE: this is disputed by third parties because authentication can be configured.
Ссылки
- Broken Link
- Broken Link
- Product
- Issue Tracking
- Issue Tracking
- Issue Tracking
- Broken Link
- Broken Link
- Product
- Issue Tracking
- Issue Tracking
- Issue Tracking
- Product
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:prometheus:blackbox_exporter:0.23.0:*:*:*:*:*:*:*
EPSS
Процентиль: 48%
0.00253
Низкий
7.5 High
CVSS3
Дефекты
CWE-918
CWE-918
Связанные уязвимости
CVSS3: 7.5
ubuntu
почти 3 года назад
blackbox_exporter v0.23.0 was discovered to contain an access control issue in its probe interface. This vulnerability allows attackers to detect intranet ports and services, as well as download resources. NOTE: this is disputed by third parties because authentication can be configured.
CVSS3: 7.5
debian
почти 3 года назад
blackbox_exporter v0.23.0 was discovered to contain an access control ...
CVSS3: 7.5
github
почти 3 года назад
Withdrawn Advisory: Access control issues in blackbox_exporter
EPSS
Процентиль: 48%
0.00253
Низкий
7.5 High
CVSS3
Дефекты
CWE-918
CWE-918