CVE-2019-19668

{"id": "CVE-2019-19668", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 4.3, "accessVector": "NETWORK", "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "MEDIUM", "availabilityImpact": "NONE", "confidentialityImpact": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 8.6, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": true}], "cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 4.3, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N", "integrityImpact": "LOW", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}, "impactScore": 1.4, "exploitabilityScore": 2.8}]}, "published": "2020-02-10T19:15:11.637", "references": [{"url": "https://github.com/harshit-shukla/CVE", "tags": ["Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "https://github.com/harshit-shukla/CVE/blob/master/CVE-2019-19668.md", "tags": ["Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "https://github.com/harshit-shukla/CVE", "tags": ["Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://github.com/harshit-shukla/CVE/blob/master/CVE-2019-19668.md", "tags": ["Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-352"}]}], "descriptions": [{"lang": "en", "value": "A CSRF vulnerability exists in the File Types component of Web File Manager in Rumpus FTP 8.2.9.1 that allows an attacker to add or delete the file types that are used on the server via RAPR/TriggerServerFunction.html."}, {"lang": "es", "value": "Existe una vulnerabilidad de tipo CSRF en el componente File Types de Web File Manager en Rumpus FTP versi\u00f3n 8.2.9.1, que permite a un atacante agregar o eliminar los tipos de archivo que se utilizan en el servidor por medio del archivo RAPR/TriggerServerFunction.html."}], "lastModified": "2024-11-21T04:35:09.510", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:maxum:rumpus_ftp:8.2.9.1:*:*:*:*:windows:*:*", "vulnerable": true, "matchCriteriaId": "DCEE9C9D-5226-4555-8C12-94593EA7F2F3"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}