exploitDog

CVE-2022-4130

Published: 16 Jan 2023
Source: redhat
CVSS3: 3.5
EPSS: Low

Description

A blind site-to-site request forgery vulnerability was found in Satellite server. It is possible to trigger an external interaction to an attacker's server by modifying the Referer header in an HTTP request of specific resources in the server.

Additional information

Status: Moderate
Defect: CWE-918
https://bugzilla.redhat.com/show_bug.cgi?id=2145254 (satellite: Blind SSRF via Referer header)

EPSS

Percentile: 31%
0.00121
Low

3.5 Low

CVSS3

Related vulnerabilities

CVSS3: 4.5
nvd
about 3 years ago

A blind site-to-site request forgery vulnerability was found in Satellite server. It is possible to trigger an external interaction to an attacker's server by modifying the Referer header in an HTTP request of specific resources in the server.

CVSS3: 7.5
github
about 3 years ago

A blind site-to-site request forgery vulnerability was found in Satellite server. It is possible to trigger an external interaction to an attacker's server by modifying the Referer header in an HTTP request of specific resources in the server.
