Описание
A verbose error handling issue in the proxy service implemented in the GravityZone Update Server allows an attacker to cause a server-side request forgery. This issue only affects GravityZone Console versions before 6.38.1-5 running only on premise.
Уязвимые конфигурации
Конфигурация 1Версия до 6.38.1-5 (исключая)
cpe:2.3:a:bitdefender:gravityzone:*:*:*:*:on-premises:*:*:*
EPSS
Процентиль: 56%
0.00333
Низкий
9.8 Critical
CVSS3
Дефекты
CWE-209
CWE-918
Связанные уязвимости
CVSS3: 9.8
github
больше 1 года назад
A verbose error handling issue in the proxy service implemented in the GravityZone Update Server allows an attacker to cause a server-side request forgery. This issue only affects GravityZone Console versions before 6.38.1-5 running only on premise.
EPSS
Процентиль: 56%
0.00333
Низкий
9.8 Critical
CVSS3
Дефекты
CWE-209
CWE-918