CVE-2019-14860

Medium

It was found that the Syndesis configuration for Cross-Origin Resource Sharing was set to allow all origins. An attacker could use this…

redhat·CWE-942·Published 2019-11-08

CVSS

6.5

EPSS

0.01

KEV

Exploits

cve.orgen

227 chars

It was found that the Syndesis configuration for Cross-Origin Resource Sharing was set to allow all origins. An attacker could use this lack of protection to conduct phishing attacks and further access unauthorized information.

NVDen

227 chars

NVDes

262 chars

Se detectó que la configuración de Syndesis para Cross-Origin Resource Sharing fue establecida para permitir todos los orígenes. Un atacante podría utilizar esta falta de protección para conducir ataques de phishing y acceder aún más a información no autorizada.

CVSS metrics across sources

Version	Type	Source	Base	Exp	Impact	Vector
2.0	Primary	NVD	4.3	8.6	2.9	AV:N/AC:M/Au:N/C:P/I:N/A:N
3.0	Primary	cve.org	7.4	—	—	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:N