Owasp Modsecurity Core Rule Set Sårbarheter

Tidslinje

Version

3.010
3.110
3.3.05
3.3.15
3.3.24

Åtgärd

Official Fix7
Temporary Fix0
Workaround0
Unavailable0
Not Defined6

Utnyttjbarhet

High0
Functional0
Proof-of-Concept0
Unproven0
Not Defined13

Åtkomstvektor

Not Defined0
Physical0
Local0
Adjacent0
Network13

Autentisering

Not Defined0
High0
Low0
None13

Användarinteraktion

Not Defined0
Required0
None13

C3BM Index

CVSSv3 Base

≤10
≤20
≤30
≤40
≤50
≤65
≤71
≤86
≤91
≤100

CVSSv3 Temp

≤10
≤20
≤30
≤40
≤50
≤65
≤74
≤84
≤90
≤100

VulDB

≤10
≤20
≤30
≤40
≤50
≤66
≤70
≤87
≤90
≤100

NVD

≤10
≤20
≤30
≤40
≤50
≤65
≤70
≤83
≤90
≤101

CNA

≤10
≤20
≤30
≤40
≤50
≤60
≤70
≤83
≤90
≤100

Säljare

≤10
≤20
≤30
≤40
≤50
≤60
≤70
≤80
≤90
≤100

Research

≤10
≤20
≤30
≤40
≤50
≤60
≤70
≤80
≤90
≤100

Utnyttja 0-dagars

<1k0
<2k7
<5k5
<10k0
<25k1
<50k0
<100k0
≥100k0

Utnyttja idag

<1k12
<2k0
<5k0
<10k1
<25k0
<50k0
<100k0
≥100k0

Utnyttja marknadsvolymen

🔴 CTI Aktiviteter

Affected Versions (14): 3.0, 3.0.2, 3.1, 3.1.0-rc1, 3.1.0-rc2, 3.1.0-rc3, 3.1.1, 3.2, 3.2.1, 3.3, 3.3.1, 3.3.2, 3.3.3, 3.3.4

PubliceradBaseTempSårbarhet0dayI dagUtnRemCTICVE
13/07/20237.37.0OWASP ModSecurity Core Rule Set Content-Header privilegier eskalering$0-$5kBeräknandeNot DefinedOfficial Fix0.00CVE-2023-38199
20/09/20227.47.3OWASP ModSecurity Core Rule Set Response Body privilegier eskalering$0-$5k$0-$5kNot DefinedOfficial Fix0.00CVE-2022-39957
20/09/20226.46.3OWASP ModSecurity Core Rule Set Response Body privilegier eskalering$0-$5k$0-$5kNot DefinedOfficial Fix0.00CVE-2022-39958
20/09/20227.37.0OWASP ModSecurity Core Rule Set HTTP Multipart Request privilegier eskalering$0-$5k$0-$5kNot DefinedOfficial Fix0.00CVE-2022-39956
20/09/20228.18.0OWASP ModSecurity Core Rule Set HTTP Header privilegier eskalering$0-$5k$0-$5kNot DefinedOfficial Fix0.02CVE-2022-39955
06/11/20217.37.0OWASP ModSecurity Core Rule Set Pathname privilegier eskalering$0-$5k$0-$5kNot DefinedOfficial Fix0.02CVE-2021-35368
09/07/20197.47.4OWASP ModSecurity Core Rule Set PHP Script Upload Rule privilegier eskalering$0-$5k$0-$5kNot DefinedOfficial Fix0.00CVE-2019-13464
21/04/20195.35.3OWASP ModSecurity Core Rule Set REQUEST-933-APPLICATION-ATTACK-PHP.conf privilegier eskalering$0-$5k$0-$5kNot DefinedNot Defined0.02CVE-2019-11391
21/04/20195.35.3OWASP ModSecurity Core Rule Set REQUEST-933-APPLICATION-ATTACK-PHP.conf privilegier eskalering$0-$5k$0-$5kNot DefinedNot Defined0.03CVE-2019-11390
21/04/20195.35.3OWASP ModSecurity Core Rule Set REQUEST-933-APPLICATION-ATTACK-PHP.conf privilegier eskalering$0-$5k$0-$5kNot DefinedNot Defined0.05CVE-2019-11389

3 fler poster visas inte

fler inlägg av Owasp

Do you want to use VulDB in your project?

Use the official API to access entries easily!