Описание
Server-Side Request Forgery vulnerability in Haivision's Aviwest Manager and Aviwest Steamhub. This vulnerability could allow an attacker to enumerate internal network configuration without the need for credentials. An attacker could compromise an internal server and retrieve requests sent by other users.
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:haivision:maanager:*:*:*:*:*:*:*:*
cpe:2.3:a:haivision:streamhub:*:*:*:*:*:*:*:*
EPSS
Процентиль: 14%
0.00046
Низкий
6.5 Medium
CVSS3
5.3 Medium
CVSS3
Дефекты
CWE-918
Связанные уязвимости
CVSS3: 6.5
github
почти 2 года назад
Server-Side Request Forgery vulnerability in Haivision's Aviwest Manager and Aviwest Steamhub. This vulnerability could allow an attacker to enumerate internal network configuration without the need for credentials. An attacker could compromise an internal server and retrieve requests sent by other users.
EPSS
Процентиль: 14%
0.00046
Низкий
6.5 Medium
CVSS3
5.3 Medium
CVSS3
Дефекты
CWE-918