CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
EPSS
Percentile
55.5%
blackbox_exporter v0.23.0 was discovered to contain an access control issue in its probe interface. This vulnerability allows attackers to detect intranet ports and services, as well as download resources.
blackboxexporter.com
prometheus.com
github.com/prometheus/blackbox_exporter
github.com/prometheus/blackbox_exporter#tls-and-basic-authentication
github.com/prometheus/blackbox_exporter/issues/1024
github.com/prometheus/blackbox_exporter/issues/1025
github.com/prometheus/blackbox_exporter/issues/1026
nvd.nist.gov/vuln/detail/CVE-2023-26735