icon

We found results for “

CVE-2017-5042

Good to know:

Date: April 24, 2017

Cast in Google Chrome prior to 57.0.2987.98 for Mac, Windows, and Linux and 57.0.2987.108 for Android sent cookies to sites discovered via SSDP, which allowed an attacker on the local network segment to initiate connections to arbitrary URLs and observe any plaintext cookies sent.

Language: Unix

Severity Score

Severity Score

Weakness Type (CWE)

Information Leak / Disclosure

CWE-200

Missing Encryption of Sensitive Data

CWE-311

Top Fix

icon

Upgrade Version

CVSS v3

Base Score:
Attack Vector (AV): ADJACENT_NETWORK
Attack Complexity (AC): LOW
Privilegs Required (PR): LOW
User Interaction (UI): NONE
Scope (S): UNCHANGED
Confidentiality (C): HIGH
Integrity (I): NONE
Availability (A): NONE

CVSS v2

Base Score:
Access Vector (AV): ADJACENT_NETWORK
Access Complexity (AC): LOW
Authentication (AU): NONE
Confidentiality (C): PARTIAL
Integrity (I): NONE
Availability (A): NONE
Additional information:

Do you need more information?

Contact Us