← back
CVE-2017-6038

CVE-2017-6038

EPSS 0.4%CWE-352
Vexday Risk Score
3Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS EPSS 0.4%KEV nãoPoC Nuclei Metasploit Patch
Lifecycle
30 Jun 2017Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
A Cross-Site Request Forgery issue was discovered in Belden Hirschmann GECKO Lite Managed switch, Version 2.0.00 and prior versions. The web application does not sufficiently verify that requests were provided by the user who submitted the request.
Affected products
n/a · Belden Hirschmann GECKO

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://ics-cert.us-cert.gov/advisories/ICSA-17-026-02A