CVE-2019-14245

Medium

In CentOS-WebPanel.com (aka CWP) CentOS Web Panel 0.9.8.851, an insecure object reference allows an attacker to delete databases (such as…

mitre·CWE-639·Published 2019-08-21

CVSS

6.5

EPSS

0.02

KEV

Exploits

cve.orgen

187 chars

In CentOS-WebPanel.com (aka CWP) CentOS Web Panel 0.9.8.851, an insecure object reference allows an attacker to delete databases (such as oauthv2) from the server via an attacker account.

NVDen

187 chars

In CentOS-WebPanel.com (aka CWP) CentOS Web Panel 0.9.8.851, an insecure object reference allows an attacker to delete databases (such as oauthv2) from the server via an attacker account.

En CentOS-WebPanel.com (también conocido como CWP) CentOS Web Panel versión 0.9.8.851, una referencia de objeto insegura permite a un atacante eliminar bases de datos (como oauthv2) del servidor a través de una cuenta de atacante.

CVSS metrics across sources

Version	Type	Source	Base	Exp	Impact	Vector
2.0	Primary	NVD	5.5	8.0	4.9	AV:N/AC:L/Au:S/C:N/I:P/A:P
3.1	Primary	NVD	6.5	2.8	3.6	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N