Описание
Improper authentication and missing CSRF protection in the local setup interface component in HCL BigFix IVR version 4.2 allows a local attacker to perform unauthorized configuration changes via unauthenticated administrative configuration requests.
EPSS
Процентиль: 0%
0.00006
Низкий
2.9 Low
CVSS3
Дефекты
CWE-306
Связанные уязвимости
CVSS3: 2.9
github
около 1 месяца назад
Improper authentication and missing CSRF protection in the local setup interface component in HCL BigFix IVR version 4.2 allows a local attacker to perform unauthorized configuration changes via unauthenticated administrative configuration requests.
EPSS
Процентиль: 0%
0.00006
Низкий
2.9 Low
CVSS3
Дефекты
CWE-306