CVE-2023-46964

CVSS 3.1 Score 6.1 of 10 (medium)

Details

Published Nov 5, 2023
Updated: Nov 22, 2023
CWE ID 79

Summary

CVE-2023-46964 is a Cross-Site Scripting (XSS) vulnerability affecting Hillstone Next Generation Firewall SG-6000-e3960 version 5.5. This issue permits remote attackers to execute arbitrary code by exploiting the front-end filtering mechanism instead of the intended back-end filtering process. Successful exploitation could lead to unauthorized access, data theft, or other malicious activities. Users are advised to upgrade to the latest software version as soon as possible to mitigate this risk.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share