Modern Honey Network Project: >> Modern Honey Network Security Vulnerabilities
Incorrect Access Control vulnerability in Modern Honey Network commit 0abf0db9cd893c6d5c727d036e1f817c02de4c7b allows remote attackers to view sensitive information via crafted PUT request to Web API.
CVSS Score
6.5
EPSS Score
0.001
Published
2023-02-03
_get_flag_ip_localdb in server/mhn/ui/utils.py in Modern Honey Network (MHN) through 2020-11-23 allows attackers to cause a denial-of-service via an IP address that is absent from a local geolocation database, because the code tries to uppercase a return value even if that value is not a string.
CVSS Score
5.5
EPSS Score
0.001
Published
2020-11-25