CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2019-11364

An OS Command Injection vulnerability in Snare Central before 7.4.5 allows remote authenticated attackers to inject arbitrary OS commands via the ServerConf/DataManagement/DiskManager.php FORMNAS_share parameter.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.039

EPSS Ranking 87.8%

CVSS Severity

CVSS v3 Score 7.2

CVSS v2 Score 9.0

References

Products affected by CVE-2019-11364

Prophecyinternational » Snare Central » Version: 7.1.1

cpe:2.3:a:prophecyinternational:snare_central:7.1.1
Prophecyinternational » Snare Central » Version: 7.1.2

cpe:2.3:a:prophecyinternational:snare_central:7.1.2
Prophecyinternational » Snare Central » Version: 7.1.3

cpe:2.3:a:prophecyinternational:snare_central:7.1.3
Prophecyinternational » Snare Central » Version: 7.1.4

cpe:2.3:a:prophecyinternational:snare_central:7.1.4
Prophecyinternational » Snare Central » Version: 7.2.0

cpe:2.3:a:prophecyinternational:snare_central:7.2.0
Prophecyinternational » Snare Central » Version: 7.3.0

cpe:2.3:a:prophecyinternational:snare_central:7.3.0
Prophecyinternational » Snare Central » Version: 7.4.1

cpe:2.3:a:prophecyinternational:snare_central:7.4.1
Prophecyinternational » Snare Central » Version: 7.4.2

cpe:2.3:a:prophecyinternational:snare_central:7.4.2
Prophecyinternational » Snare Central » Version: 7.4.3

cpe:2.3:a:prophecyinternational:snare_central:7.4.3
Prophecyinternational » Snare Central » Version: 7.4.4

cpe:2.3:a:prophecyinternational:snare_central:7.4.4

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2019-11364

Products

Pricing

Contact Us