Cross-Site Request Forgery in Veeam ONE Reporter by Veeam
CVE-2019-11569

8.8HIGH

Key Information:

Vendor
Veeam
Status
One Reporter
Vendor
CVE Published:
6 May 2019

Summary

Veeam ONE Reporter version 9.5.0.3201 is susceptible to Cross-Site Request Forgery (CSRF) attacks, which could enable an attacker to perform unauthorized actions on behalf of an authenticated user. This vulnerability could potentially compromise the security of the affected systems if exploited, highlighting the need for updated protections against such attacks. Security measures should be implemented to mitigate risks associated with CSRF vulnerabilities.

References

https://www.exploit-db.com/exploits/46765
exploitx_refsource_EXPLOIT-DB

CVSS V3.1

Score:
8.8
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.
🍪 This website uses cookies, like every other website on the internet 😕 By using our website, you consent to the use of cookies.