CVE-2017-12795

EPSS 0.85%
Veröffentlicht 10.05.2019 15:29:00
Zuletzt bearbeitet 21.11.2024 03:10:12
Quelle cve@mitre.org
CVE-Watchlists
Login
Unerledigt
Login

OpenMRS openmrs-module-htmlformentry 3.3.2 is affected by: (Improper Input Validation).

Betroffene Produkte Warnungen 0 Metriken 3 CWE 1 Referenzen 7

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Openmrs ≫ Openmrs-module-htmlformentry Version3.3.2

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.85%	0.746

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	9.8	3.9	5.9	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
nvd@nist.gov	7.5	10	6.4	AV:N/AC:L/Au:N/C:P/I:P/A:P

CWE-20 Improper Input Validation

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

http://openmrs-module-htmlformentry.com

Broken Link

http://openmrs.com

Vendor Advisory

Product

https://github.com/openmrs/openmrs-module-htmlformentry/commit/86f35221c8a57cdd7557ce731a56b90db216c8e0

Patch

Third Party Advisory

https://github.com/openmrs/openmrs-module-htmlformentry/compare/f50bdf1...cc0be04

Third Party Advisory

https://nvd.nist.gov/vuln/detail/CVE-2017-12795

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2017-12795

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2017-12795

EUVD

Team-orientierte Vulnerability Management Plattform

Features der Plattform

CVE-2017-12795