Rapid7 Velociraptor 0.7.0 Release Candidate 1

CPE Details

Rapid7 Velociraptor 0.7.0 Release Candidate 1
rapid7
velociraptor
0.7.0
2023-11-14
15h00 +00:00
2023-11-14
15h00 +00:00
CPE NVD
Alerte pour un CPE
Stay informed of any changes for a specific CPE.
Notifications manage

CPE Name: cpe:2.3:a:rapid7:velociraptor:0.7.0:rc1:*:*:*:*:*:*

Informations

Vendor

rapid7

Product

velociraptor

Version

0.7.0

Update

rc1

Related CVE

Open and find in CVE List

CVE ID Published Description Score Severity
CVE-2023-5950 2023-11-06 14h30 +00:00 Rapid7 Velociraptor versions prior to 0.7.0-4 suffer from a reflected cross site scripting vulnerability. This vulnerability allows attackers to inject JS into the error path, potentially leading to unauthorized execution of scripts within a user's web browser. This vulnerability is fixed in version 0.7.0-04 and a patch is available to download. Patches are also available for version 0.6.9 (0.6.9-1).
8.6
High
The information presented on CVE Find originates from several carefully selected reference sources. CVE data is provided by MITRE Corporation and the National Vulnerability Database (NVD). The Known Exploited Vulnerabilities (KEV) catalog is sourced from the Cybersecurity and Infrastructure Security Agency (CISA), while EPSS scores come from FIRST.org. Additionally, data regarding software weaknesses (CWE) and common attack patterns (CAPEC) is maintained by MITRE Corporation, and information on hardware and software configurations (CPE) is provided by the NVD.