7.5 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
6.7 Medium
AI Score
Confidence
Low
0.002 Low
EPSS
Percentile
55.1%
Vulnerability in the MULTIPART_PART_HEADERS component of the open source web application firewall
ModSecurity is related to improper analysis of HTTP requests. Exploitation of the vulnerability could allow an
an attacker acting remotely to bypass the firewall’s protections
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
redos | 7.3 | x86_64 | libmodsecurity | <= 3.0.8-1 | UNKNOWN |
7.5 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
6.7 Medium
AI Score
Confidence
Low
0.002 Low
EPSS
Percentile
55.1%