← voltar
CVE-2019-5433

CVE-2019-5433

EPSS 1.7%CWE-601
Vexday Risk Score
3Baixo
Decisão SSVC (CISA)
Track
Sem sinal de exploração → monitorar
CVSS EPSS 1.7%KEV nãoPoC Nuclei Metasploit Patch
Ciclo de vida
06 mai 2019Publicada no NVD
Recomendação: Monitorar — sem sinal de exploração no momento.
A user having access to the UI of a Revive Adserver instance could be tricked into clicking on a specifically crafted admin account-switch.php URL that would eventually lead them to another (unsafe) domain, potentially used for stealing credentials or other phishing attacks. This vulnerability was addressed in version 4.2.0.
Produtos afetados
n/a · Revive Adserver

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →
Referências
https://hackerone.com/reports/390663https://www.revive-adserver.com/security/revive-sa-2019-001/