Vulnerabilities > CVE-2017-6036 - Server-Side Request Forgery (SSRF) vulnerability in Belden Hirschmann Gecko Lite Managed Switch Firmware

047910
CVSS 6.5 - MEDIUM
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
NONE
Integrity impact
HIGH
Availability impact
NONE
network
low complexity
belden-hirschmann
CWE-918
NVD
Published: 2017-06-30
Updated: 2019-10-09

Summary

A Server-Side Request Forgery issue was discovered in Belden Hirschmann GECKO Lite Managed switch, Version 2.0.00 and prior versions. The web server receives a request, but does not sufficiently verify that the request is being sent to the expected destination.

Vulnerable Configurations

Part Description Count
OS
Belden_Hirschmann
1
Hardware
Belden_Hirschmann
1

Common Weakness Enumeration (CWE)

References