PT-2023-25619 · Cashit! · Cashit!
Daniel
+12
·
Publicado
2023-10-03
·
Atualizado
2023-12-28
·
CVE-2023-3654
CVSS v3.1
9.8
Crítica
| Vetor | AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
cashIT! - serving solutions versions 03.A06rks 2023.02.37 and earlier
Description
The issue is related to an origin bypass via the host header in an HTTP request. This can be triggered by an HTTP endpoint exposed to the network.
Recommendations
For versions 03.A06rks 2023.02.37 and earlier, consider restricting access to HTTP endpoints exposed to the network as a temporary workaround until a patch is available.
Correção
Origin Validation Error
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Cashit!