CVSS: 6.5EPSS: 0%CPEs: 2EXPL: 0CVE-2017-6036
https://notcve.org/view.php?id=CVE-2017-6036
30 Jun 2017 — A Server-Side Request Forgery issue was discovered in Belden Hirschmann GECKO Lite Managed switch, Version 2.0.00 and prior versions. The web server receives a request, but does not sufficiently verify that the request is being sent to the expected destination. Se ha descubierto un problema de Server-Site Request Forgery (SSRF) en el switch Belden Hirschmann GECKO Lite Managed, en versiones 2.0.00 y anteriores. El servidor web recibe una petición, pero no verifica lo suficiente que la petición se está envia... • https://ics-cert.us-cert.gov/advisories/ICSA-17-026-02A • CWE-918: Server-Side Request Forgery (SSRF) •
CVSS: 7.1EPSS: 0%CPEs: 2EXPL: 0CVE-2017-6038
https://notcve.org/view.php?id=CVE-2017-6038
30 Jun 2017 — A Cross-Site Request Forgery issue was discovered in Belden Hirschmann GECKO Lite Managed switch, Version 2.0.00 and prior versions. The web application does not sufficiently verify that requests were provided by the user who submitted the request. Se ha descubierto un problema de Cross-Site Request Forgery (CSRF) en el switch Belden Hirschmann GECKO Lite Managed, en versiones 2.0.00 y anteriores. La aplicación web no verifica lo suficiente que las peticiones fuesen proporcionadas por el usuario que envió l... • https://ics-cert.us-cert.gov/advisories/ICSA-17-026-02A • CWE-352: Cross-Site Request Forgery (CSRF) •
CVSS: 5.3EPSS: 0%CPEs: 2EXPL: 0CVE-2017-6040
https://notcve.org/view.php?id=CVE-2017-6040
30 Jun 2017 — An Information Exposure issue was discovered in Belden Hirschmann GECKO Lite Managed switch, Version 2.0.00 and prior versions. Non-sensitive information can be obtained anonymously. Se ha descubierto un problema de exposición de información en el switch Belden Hirschmann GECKO Lite Managed, en versiones 2.0.00 y anteriores. Se puede obtener información no sensible de forma anónima. • https://ics-cert.us-cert.gov/advisories/ICSA-17-026-02A • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 5.9EPSS: 1%CPEs: 2EXPL: 0CVE-2017-5163
https://notcve.org/view.php?id=CVE-2017-5163
13 Feb 2017 — An issue was discovered in Belden Hirschmann GECKO Lite Managed switch, Version 2.0.00 and prior versions. After an administrator downloads a configuration file, a copy of the configuration file, which includes hashes of user passwords, is saved to a location that is accessible without authentication by path traversal. Ha sido descubierto un problema en Belden Hirschmann GECKO Lite Managed switch, versión 2.0.00 y versiones anteriores. Después de que un administrador descargue un archivo de configuración, u... • http://www.securityfocus.com/bid/95815 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •