PT-2023-17290 · Keysight · Keysight Ixia Hawkeye

C4Ng4C3Ir0

Publicado

2023-04-05

Atualizado

2024-05-17

CVE-2023-1860

CVSS v3.1

6.1

Média

Vetor

AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Name of the Vulnerable Software and Affected Versions Keysight IXIA Hawkeye version 3.3.16.28

Description A problem has been found in the software. It affects unknown code in the /licenses file. The issue arises when the view argument is manipulated with a specific input, leading to cross-site scripting. This can be done remotely.

Recommendations For version 3.3.16.28, as a temporary workaround, consider restricting access to the /licenses file until a patch is available. Avoid using the view argument in the affected endpoint until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this issue.

Correção

XSS

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-79

Identificadores relacionados

CVE-2023-1860

Produtos afetados

Keysight Ixia Hawkeye

PT-2023-17290 · Keysight · Keysight Ixia Hawkeye

CVE-2023-1860

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 5