CVE-2017-6038

2017-06-3002:35:00

CWE-352

icscert

www.cve.org

7 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

23.2%

JSON

A Cross-Site Request Forgery issue was discovered in Belden Hirschmann GECKO Lite Managed switch, Version 2.0.00 and prior versions. The web application does not sufficiently verify that requests were provided by the user who submitted the request.

CNA Affected

[
  {
    "product": "Belden Hirschmann GECKO",
    "vendor": "n/a",
    "versions": [
      {
        "status": "affected",
        "version": "Belden Hirschmann GECKO"
      }
    ]
  }
]

References

ics-cert.us-cert.gov/advisories/ICSA-17-026-02A