exploitDog

CVE-2024-34093

Опубликовано: 06 мая 2024

Источник: nvd

CVSS3: 5.3

EPSS Низкий

Описание

An issue was discovered in Archer Platform 6 before 2024.03. There is an X-Forwarded-For Header Bypass vulnerability. An unauthenticated attacker could potentially bypass intended whitelisting when X-Forwarded-For header is enabled.

Ссылки

https://archerirm.com
Product
https://www.archerirm.community/t5/platform-announcements/archer-update-for-multiple-vulnerabilities/ta-p/720963
Vendor Advisory
https://archerirm.com
Product
https://www.archerirm.community/t5/platform-announcements/archer-update-for-multiple-vulnerabilities/ta-p/720963
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:archerirm:archer:*:*:*:*:*:*:*:*

Версия до 2024.03 (исключая)

EPSS

Процентиль: 42%

0.002

Низкий

5.3 Medium

CVSS3

Дефекты

CWE-287

Связанные уязвимости

GHSA-g4jh-vmj9-2xmw

CVSS3: 5.3

github

почти 2 года назад

An issue was discovered in Archer Platform 6 before 2024.03. There is an X-Forwarded-For Header Bypass vulnerability. An unauthenticated attacker could potentially bypass intended whitelisting when X-Forwarded-For header is enabled.

EPSS

Процентиль: 42%

0.002

Низкий

5.3 Medium

CVSS3

Дефекты

CWE-287