Vulnerability Details CVE-2021-47723
STVS ProVision 5.9.10 contains a cross-site request forgery vulnerability that allows attackers to perform actions with administrative privileges by exploiting unvalidated HTTP requests. Attackers can visit malicious web sites to trigger the forge request, allowing them to create new admin users.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.0
EPSS Ranking 7.6%
CVSS Severity
CVSS v3 Score 8.8
References
Products affected by CVE-2021-47723
-
cpe:2.3:a:stvs:provision:5.5
-
cpe:2.3:a:stvs:provision:5.6
-
cpe:2.3:a:stvs:provision:5.7
-
cpe:2.3:a:stvs:provision:5.8.6
-
cpe:2.3:a:stvs:provision:5.9.0
-
cpe:2.3:a:stvs:provision:5.9.1
-
cpe:2.3:a:stvs:provision:5.9.10
-
cpe:2.3:a:stvs:provision:5.9.7
-
cpe:2.3:a:stvs:provision:5.9.9