CVE-2019-13071 HIGH

CVE-2019-13071

Vendor N/A
Product n/a
Published July 10, 2019
Last update August 4, 2024

CVSS base score

8.8/10
Attack vector Network
Attack complexity Low
Privileges required None
User interaction Required
Confidentiality High
Integrity High

CVSS vector

CVSS:3.0/AC:L/AV:N/A:H/C:H/I:H/PR:N/S:U/UI:R

What the vulnerability does

01Description

CSRF in the Agent/Center component of CyberPower PowerPanel Business Edition 3.4.0 allows an attacker to submit POST requests to any forms in the web application. This can be exploited by tricking an authenticated user into visiting an attacker controlled web page.

Key dates

02Disclosure timeline

July 10, 2019 CVE published
August 4, 2024 Record updated