CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2017-13761

The Fastly CDN module before 1.2.26 for Magento2, when used with a third-party authentication plugin, might allow remote authenticated users to obtain sensitive information from authenticated sessions via vectors involving caching of redirect responses.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.003

EPSS Ranking 51.3%

CVSS Severity

CVSS v3 Score 6.5

CVSS v2 Score 4.0

References

https://www.fastly.com/security-advisories/vulnerability-fastly-open-source-cdn-module-intended-be-integrated-magento2
https://www.fastly.com/security-advisories/vulnerability-fastly-open-source-cdn-module-intended-be-integrated-magento2

Products affected by CVE-2017-13761

Fastly » Fastly » Version: 1.2.25

cpe:2.3:a:fastly:fastly:1.2.25

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2017-13761

Products

Pricing

Contact Us