CVE-2019-19669

{"id": "CVE-2019-19669", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 5.8, "accessVector": "NETWORK", "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:P", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "MEDIUM", "availabilityImpact": "PARTIAL", "confidentialityImpact": "NONE"}, "acInsufInfo": false, "impactScore": 4.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 8.6, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": true}], "cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 6.5, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N", "integrityImpact": "HIGH", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}, "impactScore": 3.6, "exploitabilityScore": 2.8}]}, "published": "2020-02-10T18:15:12.080", "references": [{"url": "https://github.com/harshit-shukla/CVE", "tags": ["Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "https://github.com/harshit-shukla/CVE/blob/master/CVE-2019-19669.md", "tags": ["Third Party Advisory"], "source": "cve@mitre.org"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-352"}]}], "descriptions": [{"lang": "en", "value": "A CSRF vulnerability exists in the Upload Center Forms Component of Web File Manager in Rumpus FTP 8.2.9.1. This could allow an attacker to delete, create, and update the upload forms via RAPR/TriggerServerFunction.html."}, {"lang": "es", "value": "Se presenta una vulnerabilidad de tipo CSRF en el Upload Center Forms Component de Web File Manager en Rumpus FTP versi\u00f3n 8.2.9.1. Esto podr\u00eda permitir a un atacante eliminar, crear y actualizar los formularios de carga por medio del archivo RAPR/TriggerServerFunction.html."}], "lastModified": "2020-02-11T16:13:52.757", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:maxum:rumpus_ftp:8.2.9.1:*:*:*:*:windows:*:*", "vulnerable": true, "matchCriteriaId": "DCEE9C9D-5226-4555-8C12-94593EA7F2F3"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}