CVE-2024-6466

MEDIUM

NEC WebSAM DeploymentManager 6.0-6.80 - SSRF

Title source: llm

Description

NEC Corporation's WebSAM DeploymentManager v6.0 to v6.80 allows an attacker to reset configurations or restart products via network with X-FRAME-OPTIONS is not specified.

References (1)

[Various Sources] https://jpn.nec.com/security-info/secinfo/nv15-019_en.html

Scores

CVSS v3 5.3

EPSS 0.0023

EPSS Percentile 45.3%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact partial

Details

CWE

CWE-1021

Status published

Products (1)

NEC Corporation/WebSAM DeploymentManager from v6.0 to v6.80

Published Jan 21, 2025

Tracked Since Feb 18, 2026