PT-2017-16852 · Belden Hirschmann · Gecko Lite Managed Switch

Publicado

2017-06-30

Atualizado

2019-10-09

CVE-2017-6038

CVSS v3.1

7.1

Alta

Vetor

AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:L

Name of the Vulnerable Software and Affected Versions Belden Hirschmann GECKO Lite Managed switch versions 2.0.00 and prior

Description A Cross-Site Request Forgery issue was found in the web application, where it does not sufficiently verify that requests were provided by the user who submitted the request.

Recommendations For versions 2.0.00 and prior, update to a version that includes a fix for this issue, as no specific workaround is provided for these versions. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

CSRF

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-352

Identificadores relacionados

CVE-2017-6038

Produtos afetados

Gecko Lite Managed Switch

PT-2017-16852 · Belden Hirschmann · Gecko Lite Managed Switch

CVE-2017-6038

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 3