First published: Sun Dec 01 2019(Updated: )
In Zmanda Management Console 3.3.9, ZMC_Admin_Advanced?form=adminTasks&action=Apply&command= allows CSRF, as demonstrated by command injection with shell metacharacters. This may depend on weak default credentials.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Zmanda Amanda | =3.3.9 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.