exploitDog

CVE-2024-3083

Опубликовано: 31 июл. 2024

Источник: nvd

CVSS3: 8.3

EPSS Низкий

Описание

A “CWE-352: Cross-Site Request Forgery (CSRF)” can be exploited by remote attackers to perform state-changing operations with administrative privileges by luring authenticated victims into visiting a malicious web page.

Ссылки

https://www.nozominetworks.com/labs/vulnerability-advisories-cve-2024-3083
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

Одновременно

cpe:2.3:o:proges:sensor_net_connect_firmware_v2:2.24:*:*:*:*:*:*:*

cpe:2.3:h:proges:sensor_net_connect_v2:-:*:*:*:*:*:*:*

EPSS

Процентиль: 80%

0.01324

Низкий

8.3 High

CVSS3

Дефекты

CWE-352

CWE-352

Связанные уязвимости

GHSA-5j5f-mr3p-j7cr

CVSS3: 6.6

github

больше 1 года назад

A “CWE-352: Cross-Site Request Forgery (CSRF)” can be exploited by remote attackers to perform state-changing operations with administrative privileges by luring authenticated victims into visiting a malicious web page.

EPSS

Процентиль: 80%

0.01324

Низкий

8.3 High

CVSS3

Дефекты

CWE-352

CWE-352