Skip to main content

Burp Suite

5 CVEs product

Monthly

CVE-2022-35406 MEDIUM PATCH This Month

A URL disclosure issue was discovered in Burp Suite before 2022.6. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Open Redirect vulnerability could allow attackers to redirect users to malicious websites via URL manipulation.

Open Redirect Burp Suite
NVD
CVSS 3.1
4.3
EPSS
0.7%
CVE-2021-44230 MEDIUM This Month

PortSwigger Burp Suite Enterprise Edition before 2021.11 on Windows has weak file permissions for the embedded H2 database, which might lead to privilege escalation. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Microsoft Privilege Escalation Burp Suite
NVD
CVSS 3.1
6.5
EPSS
1.0%
CVE-2021-29416 MEDIUM POC This Month

An issue was discovered in PortSwigger Burp Suite before 2021.2. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Microsoft Information Disclosure Burp Suite
NVD
CVSS 3.1
6.5
EPSS
1.1%
CVE-2018-1153 HIGH This Week

Burp Suite Community Edition 1.7.32 and 1.7.33 fail to validate the server certificate in a couple of HTTPS requests which allows a man in the middle to modify or view traffic. Rated high severity (CVSS 7.4), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Information Disclosure Burp Suite
NVD
CVSS 3.0
7.4
EPSS
0.5%
CVE-2018-10377 MEDIUM This Month

PortSwigger Burp Suite before 1.7.34 has Improper Certificate Validation of the Collaborator server certificate, which might allow man-in-the-middle attackers to obtain interaction data. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Information Disclosure Burp Suite
NVD
CVSS 3.0
5.9
EPSS
0.9%
EPSS 1% CVSS 4.3
MEDIUM PATCH This Month

A URL disclosure issue was discovered in Burp Suite before 2022.6. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Open Redirect vulnerability could allow attackers to redirect users to malicious websites via URL manipulation.

Open Redirect Burp Suite
NVD
EPSS 1% CVSS 6.5
MEDIUM This Month

PortSwigger Burp Suite Enterprise Edition before 2021.11 on Windows has weak file permissions for the embedded H2 database, which might lead to privilege escalation. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Microsoft Privilege Escalation Burp Suite
NVD
EPSS 1% CVSS 6.5
MEDIUM POC This Month

An issue was discovered in PortSwigger Burp Suite before 2021.2. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Microsoft Information Disclosure Burp Suite
NVD
EPSS 0% CVSS 7.4
HIGH This Week

Burp Suite Community Edition 1.7.32 and 1.7.33 fail to validate the server certificate in a couple of HTTPS requests which allows a man in the middle to modify or view traffic. Rated high severity (CVSS 7.4), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Information Disclosure Burp Suite
NVD
EPSS 1% CVSS 5.9
MEDIUM This Month

PortSwigger Burp Suite before 1.7.34 has Improper Certificate Validation of the Collaborator server certificate, which might allow man-in-the-middle attackers to obtain interaction data. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Information Disclosure Burp Suite
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy