CVE-2023-28718 - CERT CVE
ID CVE-2023-28718
Sažetak Osprey Pump Controller version 1.01 allows users to perform certain actions via HTTP requests without performing any checks to verify the requests. This may allow an attacker to perform certain actions with administrative privileges if a logged-in user visits a malicious website.
Reference
CVSS
Base: 8.0
Impact: 5.9
Exploitability:2.1
Pristup
VektorSloženostAutentikacija
NETWORK LOW -
Impact
PovjerljivostCjelovitostDostupnost
HIGH HIGH HIGH
CVSS vektor CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
Zadnje važnije ažuriranje 07-11-2023 - 04:10
Objavljeno 28-03-2023 - 21:15