Vulnerability Details CVE-2019-19469
In Zmanda Management Console 3.3.9, ZMC_Admin_Advanced?form=adminTasks&action=Apply&command= allows CSRF, as demonstrated by command injection with shell metacharacters. This may depend on weak default credentials.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.003
EPSS Ranking 48.2%
CVSS Severity
CVSS v3 Score 8.8
CVSS v2 Score 6.8
References