Lucene search
PRIOn knowledge basePRION:CVE-2019-14466HistoryDec 31, 2019 - 6:15 p.m.
Design/Logic Flaw
2019-12-3118:15:00
PRIOn knowledge base
www.prio-n.com
5
The GOsa_Filter_Settings cookie in GONICUS GOsa 2.7.5.2 is vulnerable to PHP objection injection, which allows a remote authenticated attacker to perform file deletions (in the context of the user account that runs the web server) via a crafted cookie value, because unserialize is used to restore filter settings from a cookie.
| CPE | Name | Operator | Version |
|---|---|---|---|
| debian_linux | eq | 8.0 | |
| gosa | eq | 2.7.5.2 |
Related
openvas
openvas
Debian: Security Advisory (DLA-1905-1)
2019-09-01 00:00:00
Ubuntu: Security Advisory (USN-4609-1)
2020-10-29 00:00:00
cve
cve
CVE-2019-14466
2019-12-31 18:15:11
ubuntucve
ubuntucve
CVE-2019-14466
2019-12-31 00:00:00
debiancve
debiancve
CVE-2019-14466
2019-12-31 18:15:11
nessus
nessus
Debian DLA-1905-1 : gosa security update
2019-09-03 00:00:00
Ubuntu 16.04 LTS : GOsa vulnerabilities (USN-4609-1)
2020-10-29 00:00:00
osv
osv
gosa - security update
2019-08-31 00:00:00
CVE-2019-14466
2019-12-31 18:15:11
gosa vulnerabilities
2020-10-28 19:46:46
cvelist
cvelist
CVE-2019-14466
2019-12-31 17:29:05
veracode
veracode
PHP Object Injection
2020-10-29 21:46:48
nvd
nvd
CVE-2019-14466
2019-12-31 18:15:11
debian
debian
[SECURITY] [DLA 1905-1] gosa security update
2019-08-31 14:32:38
ubuntu
ubuntu
GOsa vulnerabilities
2020-10-28 00:00:00