Skip to main content

CWE-435

Improper Interaction Between Multiple Correctly-Behaving Entities

3 CVEs Avg CVSS 5.8 MITRE
0
CRITICAL
1
HIGH
2
MEDIUM
0
LOW
0
POC
0
KEV

Monthly

CVE-2023-43052 MEDIUM This Month

IBM Control Center 6.2.1 through 6.3.1 is vulnerable to an external service interaction attack, caused by improper validation of user-supplied input. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure IBM Control Center
NVD
CVSS 3.1
5.3
EPSS
0.1%
CVE-2021-34699 HIGH This Week

A vulnerability in the TrustSec CLI parser of Cisco IOS and Cisco IOS XE Software could allow an authenticated, remote attacker to cause an affected device to reload. Rated high severity (CVSS 7.7), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Cisco Apple Denial Of Service iOS Ios Xe
NVD
CVSS 3.1
7.7
EPSS
1.1%
CVE-2020-5255 PHP MEDIUM PATCH This Month

In Symfony before versions 4.4.7 and 5.0.7, when a `Response` does not contain a `Content-Type` header, affected versions of Symfony can fallback to the format defined in the `Accept` header of the. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity.

Information Disclosure Symfony
NVD GitHub
CVSS 3.1
4.3
EPSS
1.3%
EPSS 0% CVSS 5.3
MEDIUM This Month

IBM Control Center 6.2.1 through 6.3.1 is vulnerable to an external service interaction attack, caused by improper validation of user-supplied input. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure IBM Control Center
NVD
EPSS 1% CVSS 7.7
HIGH This Week

A vulnerability in the TrustSec CLI parser of Cisco IOS and Cisco IOS XE Software could allow an authenticated, remote attacker to cause an affected device to reload. Rated high severity (CVSS 7.7), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Cisco Apple Denial Of Service +2
NVD
EPSS 1% CVSS 4.3
MEDIUM PATCH This Month

In Symfony before versions 4.4.7 and 5.0.7, when a `Response` does not contain a `Content-Type` header, affected versions of Symfony can fallback to the format defined in the `Accept` header of the. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity.

Information Disclosure Symfony
NVD GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy