Vulnerability details: VCID-hfp7-rkga-aaak
Vulnerability ID VCID-hfp7-rkga-aaak
Aliases CVE-2023-45857
GHSA-wf5p-g6vw-rhxx
Summary An issue discovered in Axios 1.5.1 inadvertently reveals the confidential XSRF-TOKEN stored in cookies by including it in the HTTP header X-XSRF-TOKEN for every request made to any host, allowing attackers to view sensitive information.
Status Published
Exploitability 0.5
Weighted Severity 8.0
Risk 4.0
Affected and Fixed Packages Package Details
Weaknesses (4)
System Score Found at
cvssv3 6.5 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-45857.json
epss 0.00055 https://api.first.org/data/v1/epss?cve=CVE-2023-45857
epss 0.00063 https://api.first.org/data/v1/epss?cve=CVE-2023-45857
epss 0.00070 https://api.first.org/data/v1/epss?cve=CVE-2023-45857
epss 0.00079 https://api.first.org/data/v1/epss?cve=CVE-2023-45857
epss 0.00094 https://api.first.org/data/v1/epss?cve=CVE-2023-45857
epss 0.00113 https://api.first.org/data/v1/epss?cve=CVE-2023-45857
epss 0.00116 https://api.first.org/data/v1/epss?cve=CVE-2023-45857
epss 0.00252 https://api.first.org/data/v1/epss?cve=CVE-2023-45857
epss 0.01561 https://api.first.org/data/v1/epss?cve=CVE-2023-45857
cvssv3.1_qr MODERATE https://github.com/advisories/GHSA-wf5p-g6vw-rhxx
cvssv3.1 6.5 https://github.com/axios/axios
generic_textual HIGH https://github.com/axios/axios
cvssv3.1 6.5 https://github.com/axios/axios/commit/2755df562b9c194fba6d8b609a383443f6a6e967
generic_textual MODERATE https://github.com/axios/axios/commit/2755df562b9c194fba6d8b609a383443f6a6e967
cvssv3.1 6.5 https://github.com/axios/axios/commit/96ee232bd3ee4de2e657333d4d2191cd389e14d0
generic_textual MODERATE https://github.com/axios/axios/commit/96ee232bd3ee4de2e657333d4d2191cd389e14d0
cvssv3.1 6.5 https://github.com/axios/axios/issues/6006
generic_textual MODERATE https://github.com/axios/axios/issues/6006
cvssv3.1 6.5 https://github.com/axios/axios/issues/6022
generic_textual MODERATE https://github.com/axios/axios/issues/6022
cvssv3.1 6.5 https://github.com/axios/axios/pull/6028
generic_textual MODERATE https://github.com/axios/axios/pull/6028
cvssv3.1 6.5 https://github.com/axios/axios/pull/6091
generic_textual MODERATE https://github.com/axios/axios/pull/6091
cvssv3.1 6.5 https://github.com/axios/axios/releases/tag/v0.28.0
generic_textual MODERATE https://github.com/axios/axios/releases/tag/v0.28.0
cvssv3.1 6.5 https://github.com/axios/axios/releases/tag/v1.6.0
generic_textual MODERATE https://github.com/axios/axios/releases/tag/v1.6.0
cvssv3 6.5 https://nvd.nist.gov/vuln/detail/CVE-2023-45857
cvssv3.1 6.5 https://nvd.nist.gov/vuln/detail/CVE-2023-45857
cvssv3.1 6.5 https://security.netapp.com/advisory/ntap-20240621-0006
generic_textual MODERATE https://security.netapp.com/advisory/ntap-20240621-0006
cvssv3.1 6.5 https://security.snyk.io/vuln/SNYK-JS-AXIOS-6032459
generic_textual MODERATE https://security.snyk.io/vuln/SNYK-JS-AXIOS-6032459
Reference id Reference type URL
https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-45857.json
https://api.first.org/data/v1/epss?cve=CVE-2023-45857
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45857
https://github.com/axios/axios
https://github.com/axios/axios/commit/2755df562b9c194fba6d8b609a383443f6a6e967
https://github.com/axios/axios/commit/96ee232bd3ee4de2e657333d4d2191cd389e14d0
https://github.com/axios/axios/issues/6006
https://github.com/axios/axios/issues/6022
https://github.com/axios/axios/pull/6028
https://github.com/axios/axios/pull/6091
https://github.com/axios/axios/releases/tag/v0.28.0
https://github.com/axios/axios/releases/tag/v1.6.0
https://security.netapp.com/advisory/ntap-20240621-0006
https://security.netapp.com/advisory/ntap-20240621-0006/
https://security.snyk.io/vuln/SNYK-JS-AXIOS-6032459
1056099 https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1056099
2248979 https://bugzilla.redhat.com/show_bug.cgi?id=2248979
cpe:2.3:a:axios:axios:1.5.1:*:*:*:*:node.js:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:axios:axios:1.5.1:*:*:*:*:node.js:*:*
CVE-2023-45857 https://nvd.nist.gov/vuln/detail/CVE-2023-45857
GHSA-wf5p-g6vw-rhxx https://github.com/advisories/GHSA-wf5p-g6vw-rhxx
RHSA-2024:1925 https://access.redhat.com/errata/RHSA-2024:1925
RHSA-2024:3314 https://access.redhat.com/errata/RHSA-2024:3314
RHSA-2024:3316 https://access.redhat.com/errata/RHSA-2024:3316
RHSA-2024:3473 https://access.redhat.com/errata/RHSA-2024:3473
RHSA-2024:3920 https://access.redhat.com/errata/RHSA-2024:3920
RHSA-2024:4269 https://access.redhat.com/errata/RHSA-2024:4269
RHSA-2024:4455 https://access.redhat.com/errata/RHSA-2024:4455
RHSA-2024:5314 https://access.redhat.com/errata/RHSA-2024:5314
RHSA-2025:2876 https://access.redhat.com/errata/RHSA-2025:2876
No exploits are available.
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N Found at https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-45857.json
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N Found at https://github.com/axios/axios
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N Found at https://github.com/axios/axios/commit/2755df562b9c194fba6d8b609a383443f6a6e967
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N Found at https://github.com/axios/axios/commit/96ee232bd3ee4de2e657333d4d2191cd389e14d0
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N Found at https://github.com/axios/axios/issues/6006
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N Found at https://github.com/axios/axios/issues/6022
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N Found at https://github.com/axios/axios/pull/6028
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N Found at https://github.com/axios/axios/pull/6091
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N Found at https://github.com/axios/axios/releases/tag/v0.28.0
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N Found at https://github.com/axios/axios/releases/tag/v1.6.0
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N Found at https://nvd.nist.gov/vuln/detail/CVE-2023-45857
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N Found at https://security.netapp.com/advisory/ntap-20240621-0006
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N Found at https://security.snyk.io/vuln/SNYK-JS-AXIOS-6032459
Exploit Prediction Scoring System (EPSS)
Percentile 0.17378
EPSS Score 0.00055
Published At May 1, 2025, 12:55 p.m.
Date Actor Action Source VulnerableCode Version
There are no relevant records.