CVE-2019-11021 (GCVE-0-2019-11021)

Vulnerability from cvelistv5 – Published: 2019-10-24 15:26 – Updated: 2024-08-04 22:40 Disputed
VLAI?
Summary
admin/app/mediamanager in Schlix CMS 2.1.8-7 allows Authenticated Unrestricted File Upload, leading to remote code execution. NOTE: "While inadvertently allowing a PHP file to be uploaded via Media Manager was an oversight, it still requires an admin permission. We think it's pretty rare for an administrator to exploit a bug on his/her own site to own his/her own site.
Severity ?
No CVSS data available.
CWE
  • n/a
Assigner
References
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2019-11021",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-04-26T20:30:31.660773Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-06-04T17:12:00.648Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T22:40:16.048Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.schlix.com/html/schlix-cms-downloads.html"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://gurelahmet.com/schlix-cms-v2-1-8-7-authenticated-unrestricted-file-upload-to-rce/"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.incibe-cert.es/en/early-warning/vulnerabilities/cve-2019-11021"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://vuldb.com/?id.144129"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.schlix.com/news/security/cve-2019-11021-for-older-schlix-cms-v2-1-8-7-november-2018.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "admin/app/mediamanager in Schlix CMS 2.1.8-7 allows Authenticated Unrestricted File Upload, leading to remote code execution. NOTE: \"While inadvertently allowing a PHP file to be uploaded via Media Manager was an oversight, it still requires an admin permission. We think it\u0027s pretty rare for an administrator to exploit a bug on his/her own site to own his/her own site."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2019-10-29T15:41:12",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.schlix.com/html/schlix-cms-downloads.html"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://gurelahmet.com/schlix-cms-v2-1-8-7-authenticated-unrestricted-file-upload-to-rce/"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.incibe-cert.es/en/early-warning/vulnerabilities/cve-2019-11021"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://vuldb.com/?id.144129"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.schlix.com/news/security/cve-2019-11021-for-older-schlix-cms-v2-1-8-7-november-2018.html"
        }
      ],
      "tags": [
        "disputed"
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2019-11021",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "** DISPUTED ** admin/app/mediamanager in Schlix CMS 2.1.8-7 allows Authenticated Unrestricted File Upload, leading to remote code execution. NOTE: \"While inadvertently allowing a PHP file to be uploaded via Media Manager was an oversight, it still requires an admin permission. We think it\u0027s pretty rare for an administrator to exploit a bug on his/her own site to own his/her own site.\""
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://www.schlix.com/html/schlix-cms-downloads.html",
              "refsource": "MISC",
              "url": "https://www.schlix.com/html/schlix-cms-downloads.html"
            },
            {
              "name": "https://gurelahmet.com/schlix-cms-v2-1-8-7-authenticated-unrestricted-file-upload-to-rce/",
              "refsource": "MISC",
              "url": "https://gurelahmet.com/schlix-cms-v2-1-8-7-authenticated-unrestricted-file-upload-to-rce/"
            },
            {
              "name": "https://www.incibe-cert.es/en/early-warning/vulnerabilities/cve-2019-11021",
              "refsource": "MISC",
              "url": "https://www.incibe-cert.es/en/early-warning/vulnerabilities/cve-2019-11021"
            },
            {
              "name": "https://vuldb.com/?id.144129",
              "refsource": "MISC",
              "url": "https://vuldb.com/?id.144129"
            },
            {
              "name": "https://www.schlix.com/news/security/cve-2019-11021-for-older-schlix-cms-v2-1-8-7-november-2018.html",
              "refsource": "MISC",
              "url": "https://www.schlix.com/news/security/cve-2019-11021-for-older-schlix-cms-v2-1-8-7-november-2018.html"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2019-11021",
    "datePublished": "2019-10-24T15:26:25",
    "dateReserved": "2019-04-08T00:00:00",
    "dateUpdated": "2024-08-04T22:40:16.048Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "fkie_nvd": {
      "configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:schlix:cms:2.1.8-7:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"9D0C8BAE-A63D-409B-9510-FACD22C16335\"}]}]}]",
      "cveTags": "[{\"sourceIdentifier\": \"cve@mitre.org\", \"tags\": [\"disputed\"]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"admin/app/mediamanager in Schlix CMS 2.1.8-7 allows Authenticated Unrestricted File Upload, leading to remote code execution. NOTE: \\\"While inadvertently allowing a PHP file to be uploaded via Media Manager was an oversight, it still requires an admin permission. We think it\u0027s pretty rare for an administrator to exploit a bug on his/her own site to own his/her own site.\"}, {\"lang\": \"es\", \"value\": \"** EN DISPUTA ** El archivo admin/app/mediamanager en Schlix CMS versi\\u00f3n 2.1.8-7, permite una carga de archivos sin restricciones autenticada, lo que conlleva a la ejecuci\\u00f3n de c\\u00f3digo remota. NOTA:  \\\"Si bien, sin darse cuenta, permite que un archivo PHP se cargue a trav\\u00e9s de Media Manager fue un descuido,aunque se requiere un permiso de administrador. Creemos que es bastante raro que un administrador explote un error en su propio sitio para tener su propio sitio \\\".\"}]",
      "id": "CVE-2019-11021",
      "lastModified": "2024-11-21T04:20:22.730",
      "metrics": "{\"cvssMetricV31\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H\", \"baseScore\": 7.2, \"baseSeverity\": \"HIGH\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"HIGH\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"HIGH\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 1.2, \"impactScore\": 5.9}], \"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:L/Au:S/C:P/I:P/A:P\", \"baseScore\": 6.5, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"LOW\", \"authentication\": \"SINGLE\", \"confidentialityImpact\": \"PARTIAL\", \"integrityImpact\": \"PARTIAL\", \"availabilityImpact\": \"PARTIAL\"}, \"baseSeverity\": \"MEDIUM\", \"exploitabilityScore\": 8.0, \"impactScore\": 6.4, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
      "published": "2019-10-24T16:15:20.047",
      "references": "[{\"url\": \"https://gurelahmet.com/schlix-cms-v2-1-8-7-authenticated-unrestricted-file-upload-to-rce/\", \"source\": \"cve@mitre.org\", \"tags\": [\"Broken Link\"]}, {\"url\": \"https://vuldb.com/?id.144129\", \"source\": \"cve@mitre.org\"}, {\"url\": \"https://www.incibe-cert.es/en/early-warning/vulnerabilities/cve-2019-11021\", \"source\": \"cve@mitre.org\"}, {\"url\": \"https://www.schlix.com/html/schlix-cms-downloads.html\", \"source\": \"cve@mitre.org\", \"tags\": [\"Product\", \"Release Notes\"]}, {\"url\": \"https://www.schlix.com/news/security/cve-2019-11021-for-older-schlix-cms-v2-1-8-7-november-2018.html\", \"source\": \"cve@mitre.org\"}, {\"url\": \"https://gurelahmet.com/schlix-cms-v2-1-8-7-authenticated-unrestricted-file-upload-to-rce/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Broken Link\"]}, {\"url\": \"https://vuldb.com/?id.144129\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://www.incibe-cert.es/en/early-warning/vulnerabilities/cve-2019-11021\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://www.schlix.com/html/schlix-cms-downloads.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Product\", \"Release Notes\"]}, {\"url\": \"https://www.schlix.com/news/security/cve-2019-11021-for-older-schlix-cms-v2-1-8-7-november-2018.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}]",
      "sourceIdentifier": "cve@mitre.org",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-434\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2019-11021\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2019-10-24T16:15:20.047\",\"lastModified\":\"2024-11-21T04:20:22.730\",\"vulnStatus\":\"Modified\",\"cveTags\":[{\"sourceIdentifier\":\"cve@mitre.org\",\"tags\":[\"disputed\"]}],\"descriptions\":[{\"lang\":\"en\",\"value\":\"admin/app/mediamanager in Schlix CMS 2.1.8-7 allows Authenticated Unrestricted File Upload, leading to remote code execution. NOTE: \\\"While inadvertently allowing a PHP file to be uploaded via Media Manager was an oversight, it still requires an admin permission. We think it\u0027s pretty rare for an administrator to exploit a bug on his/her own site to own his/her own site.\"},{\"lang\":\"es\",\"value\":\"** EN DISPUTA ** El archivo admin/app/mediamanager en Schlix CMS versi\u00f3n 2.1.8-7, permite una carga de archivos sin restricciones autenticada, lo que conlleva a la ejecuci\u00f3n de c\u00f3digo remota. NOTA:  \\\"Si bien, sin darse cuenta, permite que un archivo PHP se cargue a trav\u00e9s de Media Manager fue un descuido,aunque se requiere un permiso de administrador. Creemos que es bastante raro que un administrador explote un error en su propio sitio para tener su propio sitio \\\".\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":7.2,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"HIGH\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.2,\"impactScore\":5.9}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:S/C:P/I:P/A:P\",\"baseScore\":6.5,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"SINGLE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":8.0,\"impactScore\":6.4,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-434\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:schlix:cms:2.1.8-7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9D0C8BAE-A63D-409B-9510-FACD22C16335\"}]}]}],\"references\":[{\"url\":\"https://gurelahmet.com/schlix-cms-v2-1-8-7-authenticated-unrestricted-file-upload-to-rce/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Broken Link\"]},{\"url\":\"https://vuldb.com/?id.144129\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://www.incibe-cert.es/en/early-warning/vulnerabilities/cve-2019-11021\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://www.schlix.com/html/schlix-cms-downloads.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Product\",\"Release Notes\"]},{\"url\":\"https://www.schlix.com/news/security/cve-2019-11021-for-older-schlix-cms-v2-1-8-7-november-2018.html\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://gurelahmet.com/schlix-cms-v2-1-8-7-authenticated-unrestricted-file-upload-to-rce/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\"]},{\"url\":\"https://vuldb.com/?id.144129\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://www.incibe-cert.es/en/early-warning/vulnerabilities/cve-2019-11021\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://www.schlix.com/html/schlix-cms-downloads.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Product\",\"Release Notes\"]},{\"url\":\"https://www.schlix.com/news/security/cve-2019-11021-for-older-schlix-cms-v2-1-8-7-november-2018.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}",
    "vulnrichment": {
      "containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"https://www.schlix.com/html/schlix-cms-downloads.html\", \"tags\": [\"x_refsource_MISC\", \"x_transferred\"]}, {\"url\": \"https://gurelahmet.com/schlix-cms-v2-1-8-7-authenticated-unrestricted-file-upload-to-rce/\", \"tags\": [\"x_refsource_MISC\", \"x_transferred\"]}, {\"url\": \"https://www.incibe-cert.es/en/early-warning/vulnerabilities/cve-2019-11021\", \"tags\": [\"x_refsource_MISC\", \"x_transferred\"]}, {\"url\": \"https://vuldb.com/?id.144129\", \"tags\": [\"x_refsource_MISC\", \"x_transferred\"]}, {\"url\": \"https://www.schlix.com/news/security/cve-2019-11021-for-older-schlix-cms-v2-1-8-7-november-2018.html\", \"tags\": [\"x_refsource_MISC\", \"x_transferred\"]}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2024-08-04T22:40:16.048Z\"}}, {\"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2019-11021\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"total\"}], \"version\": \"2.0.3\", \"timestamp\": \"2024-04-26T20:30:31.660773Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2024-04-26T20:30:37.403Z\"}, \"title\": \"CISA ADP Vulnrichment\"}], \"cna\": {\"tags\": [\"disputed\"], \"affected\": [{\"vendor\": \"n/a\", \"product\": \"n/a\", \"versions\": [{\"status\": \"affected\", \"version\": \"n/a\"}]}], \"references\": [{\"url\": \"https://www.schlix.com/html/schlix-cms-downloads.html\", \"tags\": [\"x_refsource_MISC\"]}, {\"url\": \"https://gurelahmet.com/schlix-cms-v2-1-8-7-authenticated-unrestricted-file-upload-to-rce/\", \"tags\": [\"x_refsource_MISC\"]}, {\"url\": \"https://www.incibe-cert.es/en/early-warning/vulnerabilities/cve-2019-11021\", \"tags\": [\"x_refsource_MISC\"]}, {\"url\": \"https://vuldb.com/?id.144129\", \"tags\": [\"x_refsource_MISC\"]}, {\"url\": \"https://www.schlix.com/news/security/cve-2019-11021-for-older-schlix-cms-v2-1-8-7-november-2018.html\", \"tags\": [\"x_refsource_MISC\"]}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"admin/app/mediamanager in Schlix CMS 2.1.8-7 allows Authenticated Unrestricted File Upload, leading to remote code execution. NOTE: \\\"While inadvertently allowing a PHP file to be uploaded via Media Manager was an oversight, it still requires an admin permission. We think it\u0027s pretty rare for an administrator to exploit a bug on his/her own site to own his/her own site.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"text\", \"description\": \"n/a\"}]}], \"providerMetadata\": {\"orgId\": \"8254265b-2729-46b6-b9e3-3dfca2d5bfca\", \"shortName\": \"mitre\", \"dateUpdated\": \"2019-10-29T15:41:12\"}, \"x_legacyV4Record\": {\"affects\": {\"vendor\": {\"vendor_data\": [{\"product\": {\"product_data\": [{\"version\": {\"version_data\": [{\"version_value\": \"n/a\"}]}, \"product_name\": \"n/a\"}]}, \"vendor_name\": \"n/a\"}]}}, \"data_type\": \"CVE\", \"references\": {\"reference_data\": [{\"url\": \"https://www.schlix.com/html/schlix-cms-downloads.html\", \"name\": \"https://www.schlix.com/html/schlix-cms-downloads.html\", \"refsource\": \"MISC\"}, {\"url\": \"https://gurelahmet.com/schlix-cms-v2-1-8-7-authenticated-unrestricted-file-upload-to-rce/\", \"name\": \"https://gurelahmet.com/schlix-cms-v2-1-8-7-authenticated-unrestricted-file-upload-to-rce/\", \"refsource\": \"MISC\"}, {\"url\": \"https://www.incibe-cert.es/en/early-warning/vulnerabilities/cve-2019-11021\", \"name\": \"https://www.incibe-cert.es/en/early-warning/vulnerabilities/cve-2019-11021\", \"refsource\": \"MISC\"}, {\"url\": \"https://vuldb.com/?id.144129\", \"name\": \"https://vuldb.com/?id.144129\", \"refsource\": \"MISC\"}, {\"url\": \"https://www.schlix.com/news/security/cve-2019-11021-for-older-schlix-cms-v2-1-8-7-november-2018.html\", \"name\": \"https://www.schlix.com/news/security/cve-2019-11021-for-older-schlix-cms-v2-1-8-7-november-2018.html\", \"refsource\": \"MISC\"}]}, \"data_format\": \"MITRE\", \"description\": {\"description_data\": [{\"lang\": \"eng\", \"value\": \"** DISPUTED ** admin/app/mediamanager in Schlix CMS 2.1.8-7 allows Authenticated Unrestricted File Upload, leading to remote code execution. NOTE: \\\"While inadvertently allowing a PHP file to be uploaded via Media Manager was an oversight, it still requires an admin permission. We think it\u0027s pretty rare for an administrator to exploit a bug on his/her own site to own his/her own site.\\\"\"}]}, \"problemtype\": {\"problemtype_data\": [{\"description\": [{\"lang\": \"eng\", \"value\": \"n/a\"}]}]}, \"data_version\": \"4.0\", \"CVE_data_meta\": {\"ID\": \"CVE-2019-11021\", \"STATE\": \"PUBLIC\", \"ASSIGNER\": \"cve@mitre.org\"}}}}",
      "cveMetadata": "{\"cveId\": \"CVE-2019-11021\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2024-08-04T22:40:16.048Z\", \"dateReserved\": \"2019-04-08T00:00:00\", \"assignerOrgId\": \"8254265b-2729-46b6-b9e3-3dfca2d5bfca\", \"datePublished\": \"2019-10-24T15:26:25\", \"assignerShortName\": \"mitre\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.