Lucene search

VulDBCVELIST:CVE-2017-20091

HistoryJun 23, 2022 - 4:20 a.m.

CVE-2017-20091 File Manager Plugin cross-site request forgery

2022-06-2304:20:32

CWE-352

VulDB

www.cve.org

cve-2017-20091

file manager plugin

cross-site request forgery

remote attack

manipulation

CVSS3

4.3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N

EPSS

0.001

Percentile

37.1%

JSON

A vulnerability was found in File Manager Plugin 3.0.1. It has been classified as problematic. This affects an unknown part. The manipulation leads to cross-site request forgery. It is possible to initiate the attack remotely.

CNA Affected

[
  {
    "product": "File Manager Plugin",
    "vendor": "unspecified",
    "versions": [
      {
        "status": "affected",
        "version": "3.0.1"
      }
    ]
  }
]

References

seclists.org/bugtraq/2017/Feb/57

vuldb.com/?id.97377

CVSS3

4.3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N

EPSS

0.001

Percentile

37.1%

JSON

Related for CVELIST:CVE-2017-20091