Описание
In Zmanda Management Console 3.3.9, ZMC_Admin_Advanced?form=adminTasks&action=Apply&command= allows CSRF, as demonstrated by command injection with shell metacharacters. This may depend on weak default credentials.
Ссылки
- Third Party Advisory
- Third Party Advisory
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:zmanda:amanda:3.3.9:*:*:*:*:*:*:*
EPSS
Процентиль: 48%
0.0025
Низкий
8.8 High
CVSS3
6.8 Medium
CVSS2
Дефекты
CWE-78
Связанные уязвимости
github
больше 3 лет назад
In Zmanda Management Console 3.3.9, ZMC_Admin_Advanced?form=adminTasks&action=Apply&command= allows CSRF, as demonstrated by command injection with shell metacharacters. This may depend on weak default credentials.
EPSS
Процентиль: 48%
0.0025
Низкий
8.8 High
CVSS3
6.8 Medium
CVSS2
Дефекты
CWE-78