← voltar
CVE-2024-2223

Incorrect Regular Expression in GravityZone Update Server (VA-11465)

CVSS 8.1 HIGHEPSS 0.5%CWE-185
An Incorrect Regular Expression vulnerability in Bitdefender GravityZone Update Server allows an attacker to cause a Server Side Request Forgery and reconfigure the relay. This issue affects the following products that include the vulnerable component:  Bitdefender Endpoint Security for Linux version 7.0.5.200089 Bitdefender Endpoint Security for  Windows version 7.9.9.380 GravityZone Control Center (On Premises) version 6.36.1
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
Produtos afetados
Bitdefender · Endpoint Security for LinuxBitdefender · Endpoint Security for WindowsBitdefender · GravityZone Control Center (On Premises)

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →
Referências
https://www.bitdefender.com/support/security-advisories/incorrect-regular-expression-in-gravityzone-update-server-va-11465/