MEDIUM✓ PATCH🇬🇧 English

CVE-2020-29022

CVSS 5.3v3.1pub. 2021-02-16upd. 2024-11-21

Failure to Sanitize host header value on output in the GateManager Web server could allow an attacker to conduct web cache poisoning attacks. This issue affects Secomea GateManager all versions prior to 9.3

oryginał EN
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
  • Secomea Gatemanager 4250

    HW
    Secomea
    wszystkie wersje
  • Secomea Gatemanager 4250 Firmware

    OS
    Secomea
    wszystkie wersje
  • Secomea Gatemanager 4260

    HW
    Secomea
    wszystkie wersje
  • Secomea Gatemanager 4260 Firmware

    OS
    Secomea
    wszystkie wersje
  • Secomea Gatemanager 8250

    HW
    Secomea
    wszystkie wersje
  • Secomea Gatemanager 8250 Firmware

    OS
    Secomea
    < 9.3
  • Secomea Gatemanager 9250

    HW
    Secomea
    wszystkie wersje
  • Secomea Gatemanager 9250 Firmware

    OS
    Secomea
    wszystkie wersje
🟢
PATCH DOSTĘPNY
Aktualizacja od producenta gotowa. Wdrożenie w ramach standardowego cyklu.
CWE
Referencje

Powiązane podatności

CVE-2020-29026CRITICAL9.0ten sam produkt

A directory traversal vulnerability exists in the file upload function of the GateManager that allows an authe...

CVE-2020-14510CRITICAL9.8ten sam produkt

GateManager versions prior to 9.2c, The affected product contains a hard-coded credential for telnet, allowing...

CVE-2020-14500CRITICAL10.0ten sam produkt

Secomea GateManager all versions prior to 9.2c, An attacker can send a negative value and overwrite arbitrary ...

CVE-2022-25787HIGH7.5ten sam produkt

Information Exposure Through Query Strings in GET Request vulnerability in LMM API of Secomea GateManager allo...

CVE-2020-29032HIGH8.4ten sam produkt

Upload of Code Without Integrity Check vulnerability in firmware archive of Secomea GateManager allows authent...