CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2019-9884

eClass platform < ip.2.5.10.2.1 allows an attacker to use GETS method to request /admin page to bypass the password validation and access management page.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.004

EPSS Ranking 59.5%

CVSS Severity

CVSS v3 Score 9.8

CVSS v2 Score 10.0

References

http://surl.twcert.org.tw/b7jfz
https://tvn.twcert.org.tw/taiwanvn/TVN-201904004
https://zeroday.hitcon.org/vulnerability/ZD-2019-00332
http://surl.twcert.org.tw/b7jfz
https://tvn.twcert.org.tw/taiwanvn/TVN-201904004
https://zeroday.hitcon.org/vulnerability/ZD-2019-00332

Products affected by CVE-2019-9884

Eclass » Eclass Ip » Version: N/A

cpe:2.3:a:eclass:eclass_ip:-
Eclass » Eclass Ip » Version: 2.5

cpe:2.3:a:eclass:eclass_ip:2.5

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2019-9884

Products

Pricing

Contact Us