Owasp Vulnerabilità

Sequenza temporale

Genere

Prodotto

OWASP ModSecurity Core Rule Set13
OWASP AntiSamy6
OWASP json-sanitizer3
OWASP ESAPI2
OWASP ModSecurity1

Contromisure

Official Fix24
Temporary Fix0
Workaround0
Unavailable0
Not Defined12

Sfruttabilità

High2
Functional0
Proof-of-Concept3
Unproven0
Not Defined31

Accesso al vettore

Not Defined0
Physical0
Local1
Adjacent2
Network33

Autenticazione

Not Defined0
High0
Low8
None28

Interazione dell'utente

Not Defined0
Required13
None23

C3BM Index

CVSSv3 Base

≤10
≤20
≤31
≤42
≤57
≤612
≤76
≤87
≤91
≤100

CVSSv3 Temp

≤10
≤20
≤31
≤42
≤59
≤612
≤78
≤84
≤90
≤100

VulDB

≤10
≤20
≤31
≤44
≤511
≤610
≤72
≤88
≤90
≤100

NVD

≤10
≤20
≤30
≤40
≤50
≤65
≤73
≤86
≤90
≤102

CNA

≤10
≤20
≤30
≤40
≤51
≤61
≤70
≤83
≤91
≤100

Fornitore

≤10
≤20
≤30
≤40
≤50
≤60
≤70
≤80
≤90
≤100

Research

≤10
≤20
≤30
≤40
≤50
≤60
≤70
≤80
≤90
≤100

Exploiter 0 giorni

<1k10
<2k16
<5k8
<10k1
<25k1
<50k0
<100k0
≥100k0

Exploiter aujourd'hui

<1k34
<2k0
<5k0
<10k2
<25k0
<50k0
<100k0
≥100k0

Sfrutta il volume del mercato

🔴 CTI Attività

Affected Products (17): AntiSamy (6), CSRFGuard (1), Dependency-Check (1), ESAPI (2), ESAPI for Java (1), Enterprise Security API (1), Java Encoder (1), Java HTML Sanitizer (1), ModSecurity (1), ModSecurity Core Rule Set (13), NodeGoat (1), PHP CSRF Guard (1), Stinger (1), WebScarab (1), ZAP (1), json-sanitizer (3), libModSecurity (1)

26 non vengono visualizzate più voci

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!