CVE-2015-3976

GE Multilink Cross-site Scripting

CVSS 6.8 EPSS 1.2%CWE-79

Cross-site scripting (XSS) vulnerability in GE Multilink ML810/3000/3100 series switch 5.2.0 and earlier, and GE Multilink ML800/1200/1600/2400 4.2.1 and earlier.

AV:N/AC:L/Au:S/C:N/I:C/A:N

Productos afectados

GE · ML810/3000/3100 series switch GE · Multilink ML800/1200/1600/2400

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →

Referencias

https://github.com/cisagov/CSAF/blob/develop/csaf_files/OT/white/2015/icsa-15-013-04a.json https://ics-cert.us-cert.gov/advisories/ICSA-15-013-04A https://www.cisa.gov/news-events/ics-advisories/icsa-15-013-04a http://www.gedigitalenergy.com/products/support/multilink/MLSB1214.pdf