CVE-2019-11393

NONE EPSS 79.2%
Published Apr 22, 20197y ago · Modified Jun 17, 20262w ago
Find Similar
Published Apr 22, 2019 7y ago
Last Modified Jun 17, 2026 2w ago

Description

An issue was discovered in /admin/users/update in M/Monit before 3.7.3. It allows unprivileged users to escalate their privileges to an administrator by requesting a password change and specifying the admin parameter.

Threat Intelligence

EPSS Exploit Probability
79.2% percentile
Exploit & Patch Status
Public Exploit Known
No Patch Available

Weaknesses 1

CWE-640

Affected Products 1

VendorProductVersionRange
tildeslashmonit* <3.7.3

References 2

  • mmonit.com https://mmonit.com/wiki/MMonit/Release3-7-3
    Release NotesVendor Advisory
  • exploit-db.com https://www.exploit-db.com/exploits/46404
    ExploitThird Party AdvisoryVDB Entry

Remediation

No remediation data recorded yet

Check vendor advisories and the NVD entry for patch availability.