CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2020-10771

A flaw was found in Infinispan version 10, where it is possible to perform various actions that could have side effects using GET requests. This flaw allows an attacker to perform a cross-site request forgery (CSRF) attack.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 25.7%

CVSS Severity

CVSS v3 Score 7.1

CVSS v2 Score 5.8

References

https://bugzilla.redhat.com/show_bug.cgi?id=1846293
https://security.netapp.com/advisory/ntap-20210827-0003/
https://bugzilla.redhat.com/show_bug.cgi?id=1846293
https://security.netapp.com/advisory/ntap-20210827-0003/

Products affected by CVE-2020-10771

Infinispan » Infinispan-Server-Rest » Version: 10.0.0

cpe:2.3:a:infinispan:infinispan-server-rest:10.0.0
Netapp » Oncommand Insight » Version: N/A

cpe:2.3:a:netapp:oncommand_insight:-
Redhat » Data Grid » Version: 8.0

cpe:2.3:a:redhat:data_grid:8.0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2020-10771

Products

Pricing

Contact Us