← voltar
CVE-2020-1760

CVE-2020-1760

CVSS 5.8 MEDIUMEPSS 1.5%CWE-79
Vexday Risk Score
13Baixo
Decisão SSVC (CISA)
Track
Sem sinal de exploração → monitorar
CVSS 5.8EPSS 1.5%KEV nãoPoC Nuclei Metasploit Patch referenciado
Ciclo de vida
23 abr 2020Publicada no NVD
Recomendação: Monitorar — sem sinal de exploração no momento.
A flaw was found in the Ceph Object Gateway, where it supports request sent by an anonymous user in Amazon S3. This flaw could lead to potential XSS attacks due to the lack of proper neutralization of untrusted input.
CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:L/A:L
Produtos afetados
[UNKNOWN] · ceph

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →
Referências
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1760https://lists.debian.org/debian-lts-announce/2021/08/msg00013.htmlhttps://lists.debian.org/debian-lts-announce/2023/10/msg00034.htmlhttps://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/P3A2UFR5IUIEXJUCF64GQ5OVLCZGODXE/https://security.gentoo.org/glsa/202105-39https://usn.ubuntu.com/4528-1/https://www.openwall.com/lists/oss-security/2020/04/07/1