Insecure Object Reference Vulnerability in CentOS Web Panel 0.9.8.851 Allows Unauthorized Removal of Users from phpMyAdmin

Insecure Object Reference Vulnerability in CentOS Web Panel 0.9.8.851 Allows Unauthorized Removal of Users from phpMyAdmin

CVE-2019-14721 · MEDIUM Severity

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N

In CentOS-WebPanel.com (aka CWP) CentOS Web Panel 0.9.8.851, an insecure object reference allows an attacker to remove a target user from phpMyAdmin via an attacker account.

Learn more about our Cis Benchmark Audit For Centos Linux.