Vulnerability vector:
- Base vulnerability score (CVSSv3.1): CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
- Severity (CVSSv3.1): 7.5 (high)
- Base vulnerability score (CVSSv4.0): CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
- Severity (CVSSv4.0): 8.7 (high)
Description:
The vulnerability was identified in PT NGFW, version1.8.1 (certified).
The discovered vulnerability can be exploited by an attacker to gain access to MinIO backups. The exfiltrated data can be used for reconnaissance of the organization's infrastructure to conduct subsequent attacks on the system.
Статус уязвимости: Confirmed by vendor
Рекомендации:
- Update to version 1.9.2 or higher