CVE-2019-14724

High

In CentOS-WebPanel.com (aka CWP) CentOS Web Panel 0.9.8.851, an insecure object reference allows an attacker to edit an e-mail forwarding…

mitre·CWE-639·Published 2019-09-11

CVSS

7.5

EPSS

0.04

KEV

Exploits

cve.orgen

196 chars

In CentOS-WebPanel.com (aka CWP) CentOS Web Panel 0.9.8.851, an insecure object reference allows an attacker to edit an e-mail forwarding destination of a victim's account via an attacker account.

NVDen

196 chars

In CentOS-WebPanel.com (aka CWP) CentOS Web Panel 0.9.8.851, an insecure object reference allows an attacker to edit an e-mail forwarding destination of a victim's account via an attacker account.

NVDes

260 chars

En CentOS-WebPanel.com (también se conoce como CWP) CentOS Web Panel versión 0.9.8.851, una referencia de objeto no segura permite a un atacante editar un destino de reenvío de correo electrónico desde una cuenta de la víctima mediante una cuenta del atacante.

CVSS metrics across sources

Version	Type	Source	Base	Exp	Impact	Vector
2.0	Primary	NVD	5.0	10.0	2.9	AV:N/AC:L/Au:N/C:N/I:P/A:N
3.1	Primary	NVD	7.5	3.9	3.6	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N