CVE-2019-14346: CSRF
First published: Tue Aug 06 2019(Updated: )
Internal/Views/config.php in Schben Adive 2.0.7 allows admin/config CSRF to change a user password.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Schben Adive | =2.0.7 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is CVE-2019-14346?
CVE-2019-14346 is a vulnerability in Schben Adive 2.0.7 that allows an attacker to change a user's password through a CSRF attack.
How severe is CVE-2019-14346?
CVE-2019-14346 has a severity rating of 8.8 (high).
How can I exploit CVE-2019-14346?
Exploiting CVE-2019-14346 requires performing a CSRF attack on the admin/config page to change a user's password.
How can I protect my Schben Adive 2.0.7 installation from CVE-2019-14346?
To protect against CVE-2019-14346, update to a version of Schben Adive that is not affected by this vulnerability or apply patches provided by the vendor.
Where can I find more information about CVE-2019-14346?
More information about CVE-2019-14346 can be found at the following references: http://packetstormsecurity.com/files/153989/Adive-Framework-2.0.7-Cross-Site-Request-Forgery.html, https://hackpuntes.com/cve-2019-14346-adive-framework-2-0-7-cross-site-request-forgery/, https://www.adive.es/
- collector/nvd-index
- vendor/schben
- canonical/schben adive
- version/schben adive/2.0.7