CVE-2024-41811 - CERT CVE
ID CVE-2024-41811
Sažetak ipl/web is a set of common web components for php projects. Some of the recent development by Icinga is, under certain circumstances, susceptible to cross site request forgery. (CSRF). All affected products, in any version, will be unaffected by this once `icinga-php-library` is upgraded. Version 0.10.1 includes a fix for this. It will be published as part of the `icinga-php-library` v0.14.1 release.
Reference
CVSS
Base: 3.9
Impact: 3.4
Exploitability:0.5
Pristup
VektorSloženostAutentikacija
NETWORK HIGH HIGH
Impact
PovjerljivostCjelovitostDostupnost
LOW LOW LOW
CVSS vektor CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:L/I:L/A:L
Zadnje važnije ažuriranje 06-08-2024 - 16:30
Objavljeno 05-08-2024 - 21:15