Plex Media Server 1.19.3

CPE Details

Plex Media Server 1.19.3
plex
media_server
1.19.3
2021-12-10
15h57 +00:00
2021-12-10
15h58 +00:00
CPE NVD
Alerte pour un CPE
Restez informé de toutes modifications pour un CPE spécifique.
Gestion des notifications

CPE Name: cpe:2.3:a:plex:media_server:1.19.3:*:*:*:*:*:*:*

Informations

Vendor

plex

Product

media_server

Version

1.19.3

Related CVE

Open and find in CVE List

CVE ID Publié Description Score Gravité
CVE-2021-33959 2023-01-17 23h00 +00:00 Plex media server 1.21 and before is vulnerable to ddos reflection attack via plex service.
7.5
Haute
CVE-2021-42835 2021-12-08 13h34 +00:00 An issue was discovered in Plex Media Server through 1.24.4.5081-e362dc1ee. An attacker (with a foothold in a endpoint via a low-privileged user account) can access the exposed RPC service of the update service component. This RPC functionality allows the attacker to interact with the RPC functionality and execute code from a path of his choice (local, or remote via SMB) because of a TOCTOU race condition. This code execution is in the context of the Plex update service (which runs as SYSTEM).
7
Haute
CVE-2020-5742 2020-06-15 17h26 +00:00 Improper Access Control in Plex Media Server prior to June 15, 2020 allows any origin to execute cross-origin application requests.
8.8
Haute