CVE-2023-5451

CVSS 6.1 MEDIUMEPSS 0.3%CWE-79

Forcepoint NGFW Security Management Center Management Server has SMC Downloads optional feature to offer standalone Management Client downloads and ECA configuration downloads. Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Forcepoint Next Generation Firewall Security Management Center (SMC Downloads feature) allows Reflected XSS. This issue affects Next Generation Firewall Security Management Center : before 6.10.13, from 6.11.0 before 7.1.2.

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Productos afectados

Forcepoint · Next Generation Firewall Security Management Center

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →

Referencias

https://support.forcepoint.com/s/article/000042395