Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2023-38579

Опубликовано: 06 фев. 2024
Источник: nvd
CVSS3: 8
CVSS3: 8.8
EPSS Низкий

Описание

The cross-site request forgery token in the request may be predictable or easily guessable allowing attackers to craft a malicious request, which could be triggered by a victim unknowingly. In a successful CSRF attack, the attacker could lead the victim user to carry out an action unintentionally.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одновременно

cpe:2.3:o:westermo:l206-f2g_firmware:4.24:*:*:*:*:*:*:*
cpe:2.3:h:westermo:l206-f2g:-:*:*:*:*:*:*:*

EPSS

Процентиль: 22%
0.00071
Низкий

8 High

CVSS3

8.8 High

CVSS3

Дефекты

CWE-352
CWE-352

Связанные уязвимости

github логотип

GHSA-89f2-38w4-8x2m

CVSS3: 8
github
около 2 лет назад

The cross-site request forgery token in the request may be predictable or easily guessable allowing attackers to craft a malicious request, which could be triggered by a victim unknowingly. In a successful CSRF attack, the attacker could lead the victim user to carry out an action unintentionally.

EPSS

Процентиль: 22%
0.00071
Низкий

8 High

CVSS3

8.8 High

CVSS3

Дефекты

CWE-352
CWE-352