1. CVE-Search
  2. CVE-2020-5742
ID CVE-2020-5742
Summary Improper Access Control in Plex Media Server prior to June 15, 2020 allows any origin to execute cross-origin application requests.
References
Vulnerable Configurations
  • cpe:2.3:a:plex:media_server:-:*:*:*:*:*:*:*
    cpe:2.3:a:plex:media_server:-:*:*:*:*:*:*:*
  • cpe:2.3:a:plex:media_server:1.13.2.5154:*:*:*:*:*:*:*
    cpe:2.3:a:plex:media_server:1.13.2.5154:*:*:*:*:*:*:*
  • cpe:2.3:a:plex:media_server:1.18.2.2029:*:*:*:*:*:*:*
    cpe:2.3:a:plex:media_server:1.18.2.2029:*:*:*:*:*:*:*
CVSS
Base: 6.8 (as of 21-07-2021 - 11:39)
Impact:
Exploitability:
CWE CWE-668
CAPEC
Access
VectorComplexityAuthentication
NETWORK MEDIUM NONE
Impact
ConfidentialityIntegrityAvailability
PARTIAL PARTIAL PARTIAL
cvss-vector via4 AV:N/AC:M/Au:N/C:P/I:P/A:P
refmap via4
misc https://www.tenable.com/security/research/tra-2020-35
Last major update 21-07-2021 - 11:39
Published 15-06-2020 - 20:15
Last modified 21-07-2021 - 11:39
Back to Top