CVE-2024-0555

Published Jan 16, 2024

Last updated 12 days ago

Overview

Description
A Cross-Site Request Forgery (CSRF) vulnerability has been found on WIC1200, affecting version 1.1. An authenticated user could lead another user into executing unwanted actions inside the application they are logged in. This vulnerability is possible due to the lack of propper CSRF token implementation.
Source
cve-coordination@incibe.es
NVD status
Modified

Risk scores

CVSS 3.1

Type
Primary
Base score
8
Impact score
5.9
Exploitability score
2.1
Vector string
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
Severity
HIGH

Weaknesses

cve-coordination@incibe.es
CWE-352

Social media

Hype score
Not currently trending

Configurations