Lucene search

MitreCVELIST:CVE-2019-13071

HistoryJul 10, 2019 - 1:46 p.m.

CVE-2019-13071

2019-07-1013:46:43

mitre

www.cve.org

CVSS3

8.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

AI Score

8.6

Confidence

High

EPSS

0.003

Percentile

70.9%

JSON

CSRF in the Agent/Center component of CyberPower PowerPanel Business Edition 3.4.0 allows an attacker to submit POST requests to any forms in the web application. This can be exploited by tricking an authenticated user into visiting an attacker controlled web page.

References

packetstormsecurity.com/files/153581/PowerPanel-Business-Edition-3.4.0-Cross-Site-Request-Forgery.html

seclists.org/fulldisclosure/2019/Jul/11

CVSS3

8.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

AI Score

8.6

Confidence

High

EPSS

0.003

Percentile

70.9%

JSON

Related for CVELIST:CVE-2019-13071