Описание
A vulnerability has been identified in SINEC NMS (All versions < V2.0). The affected application improperly sanitizes certain SNMP configuration data retrieved from monitored devices. An attacker with access to a monitored device could prepare a stored cross-site scripting (XSS) attack that may lead to unintentional modification of application data by legitimate users.
Уязвимые конфигурации
EPSS
4.7 Medium
CVSS3
5.4 Medium
CVSS3
Дефекты
Связанные уязвимости
A vulnerability has been identified in SINEC NMS (All versions < V2.0). The affected application improperly sanitizes certain SNMP configuration data retrieved from monitored devices. An attacker with access to a monitored device could prepare a stored cross-site scripting (XSS) attack that may lead to unintentional modification of application data by legitimate users.
Уязвимость системы сетевого управления для мониторинга и управления промышленными сетями SINEC NMS, связанная с некорректной очисткой данных конфигурации SNMP, позволяющая нарушителю провести атаку межсайтового скриптинга (XSS)
EPSS
4.7 Medium
CVSS3
5.4 Medium
CVSS3