CVE-2017-6038
HIGHBelden Hirschmann GECKO Lite Managed Switch Firmware < 2.0.00 - Cross-Site Request Forgery
Title source: llmDescription
A Cross-Site Request Forgery issue was discovered in Belden Hirschmann GECKO Lite Managed switch, Version 2.0.00 and prior versions. The web application does not sufficiently verify that requests were provided by the user who submitted the request.
References (1)
Core 1
Core References
Mitigation, Third Party Advisory, US Government Resource x_refsource_misc
https://ics-cert.us-cert.gov/advisories/ICSA-17-026-02A
Scores
CVSS v3
7.1
EPSS
0.0044
EPSS Percentile
35.5%
Attack Vector
NETWORK
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:L
Details
CWE
CWE-352
Status
published
Products (2)
belden_hirschmann/gecko_lite_managed_switch_firmware
< 2.0.00
n/a/Belden Hirschmann GECKO
Belden Hirschmann GECKO
Published
Jun 30, 2017
Tracked Since
Feb 18, 2026