What is CVE-2019-19160?

CVE-2019-19160 is a medium-severity vulnerability in Cabsoftware Reportexpress Proplus, classified under CWE-353. CVSS score: 5.7/10. Published 2020-06-29.

How severe is CVE-2019-19160?

Medium severity. CVSS v3 base score is 5.7 out of 10.

Vulnerability in Cabsoftware Reportexpress Proplus

CVE-2019-19160

Reportexpress ProPlus contains a vulnerability that could allow an arbitrary code execution by inserted VBscript into the configure file(rxp).

EPSS: 0.003 (55.1th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 5.7 (Medium). Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H.

Affected products

Cabsoftware Reportexpress Proplus — versions unspecified

Weakness classification (CWE)

CWE-353

References

www.cabsoftware.com:8080/HomePage2015A/html/ (x_refsource_MISC)
www.boho.or.kr/krcert/secNoticeView.do (x_refsource_MISC)

Frequently asked questions

What is CVE-2019-19160?: CVE-2019-19160 is a medium-severity vulnerability in Cabsoftware Reportexpress Proplus, classified under CWE-353. CVSS score: 5.7/10. Published 2020-06-29.
How severe is CVE-2019-19160?: Medium severity. CVSS v3 base score is 5.7 out of 10.