Количество 3
Количество 3
CVE-2021-39173
Cachet is an open source status page system. Prior to version 2.5.1 authenticated users, regardless of their privileges (User or Admin), can trick Cachet and install the instance again, leading to arbitrary code execution on the server. This issue was addressed in version 2.5.1 by improving the middleware `ReadyForUse`, which now performs a stricter validation of the instance name. As a workaround, only allow trusted source IP addresses to access to the administration dashboard.
CVE-2021-39173
Cachet is an open source status page system. Prior to version 2.5.1 au ...
GHSA-r67m-m8c7-jp83
Cachet vulnerable to forced reinstall
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2021-39173 Cachet is an open source status page system. Prior to version 2.5.1 authenticated users, regardless of their privileges (User or Admin), can trick Cachet and install the instance again, leading to arbitrary code execution on the server. This issue was addressed in version 2.5.1 by improving the middleware `ReadyForUse`, which now performs a stricter validation of the instance name. As a workaround, only allow trusted source IP addresses to access to the administration dashboard. | CVSS3: 8.8 | 2% Низкий | больше 4 лет назад |
| CVE-2021-39173 Cachet is an open source status page system. Prior to version 2.5.1 au ... | CVSS3: 8.8 | 2% Низкий | больше 4 лет назад |
| GHSA-r67m-m8c7-jp83 Cachet vulnerable to forced reinstall | CVSS3: 8.8 | 2% Низкий | больше 4 лет назад |
Уязвимостей на страницу