7.5

CVE-2017-7667

Apache NiFi before 0.7.4 and 1.x before 1.3.0 need to establish the response header telling browsers to only allow framing with the same origin.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
ApacheNifi Version <= 0.7.3
ApacheNifi Version1.0.0
ApacheNifi Version1.0.1
ApacheNifi Version1.1.0
ApacheNifi Version1.1.1
ApacheNifi Version1.1.2
ApacheNifi Version1.2.0
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.39% 0.596
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 7.5 3.9 3.6
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
nvd@nist.gov 5 10 2.9
AV:N/AC:L/Au:N/C:N/I:P/A:N
CWE-346 Origin Validation Error

The product does not properly verify that the source of data or communication is valid.

http://www.securityfocus.com/bid/99018
Third Party Advisory
VDB Entry