CVE-2019-19833

Medium

In Tautulli 2.1.9, CSRF in the /shutdown URI allows an attacker to shut down the remote media server. (Also, anonymous access can be…

mitre·CWE-352·Published 2019-12-18

CVSS

6.5

EPSS

0.15

KEV

Exploits

cve.orgen

194 chars

In Tautulli 2.1.9, CSRF in the /shutdown URI allows an attacker to shut down the remote media server. (Also, anonymous access can be achieved in applications that do not have a user login area).

NVDen

194 chars

In Tautulli 2.1.9, CSRF in the /shutdown URI allows an attacker to shut down the remote media server. (Also, anonymous access can be achieved in applications that do not have a user login area).

En Tautulli versión 2.1.9, una vulnerabilidad de tipo CSRF en el URI /shutdown permite a un atacante apagar el servidor multimedia remoto. (Además, un acceso anónimo puede ser alcanzado en aplicaciones que no tienen un área de inicio de sesión de usuario).

CVSS metrics across sources

Version	Type	Source	Base	Exp	Impact	Vector
2.0	Primary	NVD	4.3	8.6	2.9	AV:N/AC:M/Au:N/C:N/I:N/A:P
3.1	Primary	NVD	6.5	2.8	3.6	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H