Failure to Sanitize host header value on output in the GateManager Web server could allow an attacker to conduct web cache poisoning attacks. This issue affects Secomea GateManager all versions prior to 9.3
References
Link | Resource |
---|---|
https://www.secomea.com/support/cybersecurity-advisory/#2923 | Vendor Advisory |
Configurations
Configuration 1 (hide)
AND |
|
Configuration 2 (hide)
AND |
|
Configuration 3 (hide)
AND |
|
Configuration 4 (hide)
AND |
|
History
26 Feb 2021, 18:58
Type | Values Removed | Values Added |
---|---|---|
CVSS |
v2 : v3 : |
v2 : 5.0
v3 : 5.3 |
CWE | NVD-CWE-noinfo | |
CPE | cpe:2.3:h:secomea:gatemanager_8250:-:*:*:*:*:*:*:* cpe:2.3:o:secomea:gatemanager_8250_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:secomea:gatemanager_4260:-:*:*:*:*:*:*:* cpe:2.3:h:secomea:gatemanager_4250:-:*:*:*:*:*:*:* cpe:2.3:o:secomea:gatemanager_9250_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:secomea:gatemanager_4260_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:secomea:gatemanager_9250:-:*:*:*:*:*:*:* cpe:2.3:o:secomea:gatemanager_4250_firmware:*:*:*:*:*:*:*:* |
|
References | (MISC) https://www.secomea.com/support/cybersecurity-advisory/#2923 - Vendor Advisory |
16 Feb 2021, 16:41
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2021-02-16 16:15
Updated : 2023-12-10 13:41
NVD link : CVE-2020-29022
Mitre link : CVE-2020-29022
CVE.ORG link : CVE-2020-29022
JSON object : View
Products Affected
secomea
- gatemanager_4260_firmware
- gatemanager_9250_firmware
- gatemanager_8250_firmware
- gatemanager_8250
- gatemanager_4260
- gatemanager_4250
- gatemanager_4250_firmware
- gatemanager_9250
CWE