PT-2017-16850 · Belden Hirschmann · Gecko Lite Managed Switch

Publicado

2017-06-30

Atualizado

2019-10-09

CVE-2017-6036

CVSS v3.1

6.5

Média

Vetor

AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N

Name of the Vulnerable Software and Affected Versions Belden Hirschmann GECKO Lite Managed switch versions prior to 2.0.00

Description A Server-Side Request Forgery issue was discovered. The web server receives a request but does not sufficiently verify that the request is being sent to the expected destination.

Recommendations For versions prior to 2.0.00, update to version 2.0.00 or later to resolve the issue.

Correção

SSRF

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-918

Identificadores relacionados

CVE-2017-6036

Produtos afetados

Gecko Lite Managed Switch

PT-2017-16850 · Belden Hirschmann · Gecko Lite Managed Switch

CVE-2017-6036

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 3