Описание
Pexip Infinity before 39.0 has Missing Authentication for a Critical Function in a product-internal API, allowing an attacker (who already has access to execute code on one node within a Pexip Infinity installation) to impact the operation of other nodes within the installation.
Ссылки
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 39.0 (исключая)
cpe:2.3:a:pexip:pexip_infinity:*:*:*:*:*:*:*:*
EPSS
Процентиль: 10%
0.00035
Низкий
7.5 High
CVSS3
Дефекты
CWE-306
Связанные уязвимости
CVSS3: 7.5
github
около 1 месяца назад
Pexip Infinity before 39.0 has Missing Authentication for a Critical Function in a product-internal API, allowing an attacker (who already has access to execute code on one node within a Pexip Infinity installation) to impact the operation of other nodes within the installation.
EPSS
Процентиль: 10%
0.00035
Низкий
7.5 High
CVSS3
Дефекты
CWE-306