4.5.4

CVSS 5.3 - MEDIUM

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

LOW

Integrity impact

NONE

Availability impact

NONE

network

low complexity

cynet

NVD

Published: 2022-09-08

Updated: 2024-11-21

Summary

Cynet 360 Web Portal before v4.5 was discovered to allow attackers to access a list of decoy users via a crafted GET request sent to /WebApp/DeceptionUser/GetAllDeceptionUsers.

Vulnerable Configurations

Part	Description	Count
Application	Cynet Cynet Cynet 360 4.5.1 Cynet Cynet 360 4.5.3 Cynet Cynet 360 4.5.4	3

References

https://www.cynet.com/platform/
https://www.cynet.com/platform/
https://www.srlabs.de/bites/edr-security
https://www.srlabs.de/bites/edr-security