CVE-2019-5630
Rapid7 Nexpose/InsightVM Security Console CSRF
A Cross-Site Request Forgery (CSRF) vulnerability was found in Rapid7 Nexpose InsightVM Security Console versions 6.5.0 through 6.5.68. This issue allows attackers to exploit CSRF vulnerabilities on API endpoints using Flash to circumvent a cross-domain pre-flight OPTIONS request.
CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:L/A:N
Productos afectados
Rapid7 · Nexpose/InsightVM Security Console¿Quieres saber si tu infraestructura está expuesta a esto?
Hablar con TrueHacking →