CVE-2019-11816

2019-05-2021:26:03

mitre

www.cve.org

6.9 Medium

AI Score

Confidence

High

0.005 Low

EPSS

Percentile

75.4%

JSON

Incorrect access control in the WebUI in OPNsense before version 19.1.8, and pfsense before 2.4.4-p3 allows remote authenticated users to escalate privileges to administrator via a specially crafted request.

References

forum.opnsense.org/index.php?topic=12787.0

www.netgate.com/blog/pfsense-2-4-4-release-p3-now-available.html