exploitDog

CVE-2024-0314

Опубликовано: 15 янв. 2024

Источник: nvd

CVSS3: 5.4

CVSS3: 6.1

EPSS Низкий

Описание

XSS vulnerability in FireEye Central Management affecting version 9.1.1.956704, which could allow an attacker to modify special HTML elements in the application and cause a reflected XSS, leading to a session hijacking.

Ссылки

https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-fireeye-products
Third Party Advisory
https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-fireeye-products
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:fireeye:central_management:9.1.1.956704:*:*:*:*:*:*:*

EPSS

Процентиль: 23%

0.00076

Низкий

5.4 Medium

CVSS3

6.1 Medium

CVSS3

Дефекты

CWE-79

Связанные уязвимости

GHSA-mprg-3w6p-hrm6

CVSS3: 5.4

github

около 2 лет назад

XSS vulnerability in FireEye Central Management affecting version 9.1.1.956704, which could allow an attacker to modify special HTML elements in the application and cause a reflected XSS, leading to a session hijacking.

EPSS

Процентиль: 23%

0.00076

Низкий

5.4 Medium

CVSS3

6.1 Medium

CVSS3

Дефекты

CWE-79