Posted in Vulnerabilities

CVE 2019-11517

   June 12, 2019  Leave a comment

Lately, there is an old vulnerability that not yet been fixed in WampServer where it related to Cross Site Request Forgery. The previous CVE for this vulnerabilities is CVE-2018-8817(https://www.exploit-db.com/exploits/44385)

The attacker can still abuse this old flaw to get to the new vhosts that been deleted or added in the Apache configuration file

The score for this vulnerability are such as follows:

CVSS 3.0

  • Impact Score: 3.6
  • Exploitability Score: 2.8
  • Base Score: 6.5

CVSS 2.0

  • Impact Score: 4.9
  • Exploitability Score: 8.6
  • Base Score: 5.8

Recommendation

It was been advisable to update to the WampServer 3.1.9

Source: https://seclists.org/bugtraq/2019/Jun/10

Author: Wan Ariff

He brings with him more than 2 years of working experience in Information Security filed which specializing in Penetration Testing and Digital Forensic. His passion is more to IT Security

Leave a Reply

Your email address will not be published. Required fields are marked *