Описание
A server-side request forgery (SSRF) vulnerability in Bitdefender GravityZone Console allows an attacker to bypass input validation logic using leading characters in DNS requests. Paired with other potential vulnerabilities, this bypass could be used for execution of third party code. This issue affects GravityZone Console: before 6.41.2.1.
Уязвимые конфигурации
Конфигурация 1Версия до 6.41.2-1 (исключая)
cpe:2.3:a:bitdefender:gravityzone:*:*:*:*:*:*:*:*
EPSS
Процентиль: 74%
0.0084
Низкий
7.3 High
CVSS3
Дефекты
CWE-918
Связанные уязвимости
CVSS3: 7.3
github
10 месяцев назад
A server-side request forgery (SSRF) vulnerability in Bitdefender GravityZone Console allows an attacker to bypass input validation logic using leading characters in DNS requests. Paired with other potential vulnerabilities, this bypass could be used for execution of third party code. This issue affects GravityZone Console: before 6.41.2.1.
EPSS
Процентиль: 74%
0.0084
Низкий
7.3 High
CVSS3
Дефекты
CWE-918