Vulnerabilities

CVE-2024-0314

by Fred · 15/01/2024

XSS vulnerability in FireEye Central Management affecting version 9.1.1.956704, which could allow an attacker to modify special HTML elements in the application and cause a reflected XSS, leading to a session hijacking.

More information : https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-fireeye-products

Attack vector : NETWORK
Attack complexity : LOW
Privileges required : NONE
User interaction : REQUIRED
Confidentiality impact : LOW
Integrity impact : LOW
Base score : 6.1
Base severity : MEDIUM
Exploitability score : 2.8
Impact score : 2.7

Similar

Tags: Cybersecurity Alert