📦

suricata_package

Vendor: pfsense

Actively Exploited 0 CISA KEV List

PoC / Exploits 0 Code Available

Total RCEs 0 Remote Access

Total CVEs 7 Total Indexed

Avg. EPSS 0.36% Exploit Prob.

Latest CVE CVE-2020-19678 Apr 06

Security Vulnerability Index

Page 1 / 1

7.5 CVSS

CVE-2020-19678

Directory Traversal vulnerability found in Pfsense v.2.1.3 and Pfsense Suricata v.1.4.6 pkg v.1.0.1 allows a remote attacker to obtain sensitive information via the file parameter to suricata/suricata_logs_browser.php.

EPSS: 0.98%

Severity: HIGH

Apr 06, 2023

5.8 CVSS

CVE-2014-4696

Multiple open redirect vulnerabilities in the Suricata package before 1.0.6 for pfSense through 2.1.4 allow remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via (1) the referer parameter to suricata_rules_flowbits.php or (2) the returl parameter to suricata_select_alias.php.

EPSS: 0.05%

Severity: MEDIUM

Jul 02, 2014

4.3 CVSS

CVE-2014-4694

Multiple cross-site scripting (XSS) vulnerabilities in suricata_select_alias.php in the Suricata package before 1.0.6 for pfSense through 2.1.4 allow remote attackers to inject arbitrary web script or HTML via unspecified variables.

EPSS: 0.05%

Severity: MEDIUM

Jul 02, 2014

Displaying 3 of 7 Total Entries

Total 1 Sections