Insecure Object Reference Vulnerability in CentOS Web Panel 0.9.8.851 Allows Unauthorized Database Deletion
CVE-2019-14245 · MEDIUM Severity
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
In CentOS-WebPanel.com (aka CWP) CentOS Web Panel 0.9.8.851, an insecure object reference allows an attacker to delete databases (such as oauthv2) from the server via an attacker account.
Learn more about our Cis Benchmark Audit For Centos Linux.