CVE-2024-0314

Published Jan 15, 2024

Last updated 23 days ago

Overview

Description
XSS vulnerability in FireEye Central Management affecting version 9.1.1.956704, which could allow an attacker to modify special HTML elements in the application and cause a reflected XSS, leading to a session hijacking.
Source
cve-coordination@incibe.es
NVD status
Modified

Risk scores

CVSS 3.1

Type
Primary
Base score
6.1
Impact score
2.7
Exploitability score
2.8
Vector string
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Severity
MEDIUM

Weaknesses

cve-coordination@incibe.es
CWE-79

Social media

Hype score
Not currently trending

Configurations