CVE-2020-29022

Medium

Failure to Sanitize host header value on output in the GateManager Web server could allow an attacker to conduct web cache poisoning…

Secomea·CWE-159·Published 2021-02-16

CVSS

5.3

EPSS

0.01

KEV

Exploits

cve.orgen

206 chars

Failure to Sanitize host header value on output in the GateManager Web server could allow an attacker to conduct web cache poisoning attacks. This issue affects Secomea GateManager all versions prior to 9.3

NVDen

206 chars

NVDes

270 chars

Un fallo en la saneamiento del valor del encabezado del host en la salida del servidor web GateManager, podría permitir a un atacante conducir ataques de envenenamiento de la caché web. Este problema afecta a Secomea GateManager todas las versiones anteriores a 9.3

CVSS metrics across sources

Version	Type	Source	Base	Exp	Impact	Vector
2.0	Primary	NVD	5.0	10.0	2.9	AV:N/AC:L/Au:N/C:P/I:N/A:N
3.1	Primary	cve.org	5.3	—	—	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N