{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-21T09:06:59.238","vulnerabilities":[{"cve":{"id":"CVE-2017-6038","sourceIdentifier":"ics-cert@hq.dhs.gov","published":"2017-06-30T03:29:00.500","lastModified":"2025-04-20T01:37:25.860","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"A Cross-Site Request Forgery issue was discovered in Belden Hirschmann GECKO Lite Managed switch, Version 2.0.00 and prior versions. The web application does not sufficiently verify that requests were provided by the user who submitted the request."},{"lang":"es","value":"Se ha descubierto un problema de Cross-Site Request Forgery (CSRF) en el switch Belden Hirschmann GECKO Lite Managed, en versiones 2.0.00 y anteriores. La aplicación web no verifica lo suficiente que las peticiones fuesen proporcionadas por el usuario que envió la solicitud."}],"metrics":{"cvssMetricV30":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.0","vectorString":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:L","baseScore":7.1,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"HIGH","availabilityImpact":"LOW"},"exploitabilityScore":2.8,"impactScore":4.2}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:N/C:N/I:P/A:P","baseScore":5.8,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"NONE","confidentialityImpact":"NONE","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"MEDIUM","exploitabilityScore":8.6,"impactScore":4.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":true}]},"weaknesses":[{"source":"ics-cert@hq.dhs.gov","type":"Secondary","description":[{"lang":"en","value":"CWE-352"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-352"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:belden_hirschmann:gecko_lite_managed_switch_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"2.0.00","matchCriteriaId":"F6C3FE20-F449-4AE3-A70D-125BE0934473"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:belden_hirschmann:gecko_lite_managed_switch:-:*:*:*:*:*:*:*","matchCriteriaId":"6F981F2D-B30E-49A8-9FFB-5A9A01C6D46C"}]}]}],"references":[{"url":"https://ics-cert.us-cert.gov/advisories/ICSA-17-026-02A","source":"ics-cert@hq.dhs.gov","tags":["Mitigation","Third Party Advisory","US Government Resource"]},{"url":"https://ics-cert.us-cert.gov/advisories/ICSA-17-026-02A","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Mitigation","Third Party Advisory","US Government Resource"]}]}}]}