CVE-2022-4130

MEDIUM Year: 2022
CVSS v3 Score
4.5
Medium
Weakness Type
NVD-CWE-Other
View all →

Vulnerability Description

A blind site-to-site request forgery vulnerability was found in Satellite server. It is possible to trigger an external interaction to an attacker's server by modifying the Referer header in an HTTP request of specific resources in the server.

Related Vulnerabilities

CVE-2016-3429

MEDIUM
CVSS:4.5(Medium)

Unspecified vulnerability in the Oracle Retail Xstore Point of Service component in Oracle Retail Applications 5.0, 5.5, 6.0, 6.5, 7.0, and 7.1 allows remote authenticated users to affect confidential...

NVD-CWE-Other2016

CVE-2016-8287

MEDIUM
CVSS:4.5(Medium)

Unspecified vulnerability in Oracle MySQL 5.7.13 and earlier allows remote administrators to affect availability via vectors related to Server: Replication.

NVD-CWE-Other2016

CVE-2017-10003

MEDIUM
CVSS:4.5(Medium)

Vulnerability in the Solaris component of Oracle Sun Systems Products Suite (subcomponent: Network Services Library). The supported version that is affected is 10. Difficult to exploit vulnerability a...

NVD-CWE-Other2017

CVE-2017-15525

MEDIUM
CVSS:4.5(Medium)

Prior to SEE v11.1.3MP1, Symantec Endpoint Encryption can be susceptible to a denial of service (DoS) attack, which is a type of attack whereby the perpetrator attempts to make a particular machine or...

NVD-CWE-Other2017

CVE-2018-21142

MEDIUM
CVSS:4.5(Medium)

Certain NETGEAR devices are affected by denial of service. This affects R6100 before 1.0.1.22, R7500 before 1.0.0.122, R7800 before 1.0.2.42, R8900 before 1.0.3.10, R9000 before 1.0.3.10, WNDR3700v4 b...

NVD-CWE-Other2018

CVE-2018-21159

MEDIUM
CVSS:4.5(Medium)

NETGEAR ReadyNAS devices before 6.9.3 are affected by incorrect configuration of security settings.

NVD-CWE-Other2018