Lucene search

[email protected]CVE-2019-11608

HistoryApr 30, 2019 - 8:29 p.m.

CVE-2019-11608

2019-04-3020:29:01

CWE-862

CWE-22

[email protected]

web.nvd.nist.gov

cve-2019-11608

doorgets 7.0

sensitive information disclosure

renamefile.php

nvd

vulnerability

unauthenticated attacker

6.4 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:N/A:P

8.2 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

LOW

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:L

7.6 High

AI Score

Confidence

High

0.011 Low

EPSS

Percentile

84.8%

JSON

doorGets 7.0 has a sensitive information disclosure vulnerability in /fileman/php/renamefile.php. A remote unauthenticated attacker can exploit this vulnerability to obtain server-sensitive information or make the server unserviceable.

Affected configurations

NVD

Node

doorgetsdoorgets_cmsMatch7.0

CPENameOperatorVersion
doorgets:doorgets_cmsdoorgets doorgets cmseq7.0

CPE	Name	Operator	Version
doorgets:doorgets_cms	doorgets doorgets cms	eq	7.0

References

github.com/itodaro/doorGets_cve

6.4 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:N/A:P

8.2 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

LOW

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:L

7.6 High

AI Score

Confidence

High

0.011 Low

EPSS

Percentile

84.8%

JSON

Related for CVE-2019-11608

prion1 nvd1 cvelist1