{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-06-14T15:23:21.575","vulnerabilities":[{"cve":{"id":"CVE-2019-15749","sourceIdentifier":"cve@mitre.org","published":"2019-10-07T12:15:11.447","lastModified":"2024-11-21T04:29:23.960","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"SITOS six Build v6.2.1 allows a user to change their password and recovery email address without requiring them to confirm the change with their old password. This would allow an attacker with access to the victim's account (e.g., via XSS or an unattended workstation) to change that password and address."},{"lang":"es","value":"SITOS Build seis versión v6.2.1, permite al usuario cambiar su contraseña y dirección de correo electrónico de recuperación sin requerir que confirme el cambio con su contraseña anterior. Esto permitiría a un atacante con acceso a la cuenta de la víctima (por ejemplo, por medio de un ataque de tipo XSS o una estación de trabajo desatendida) cambiar esa contraseña y dirección."}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N","baseScore":6.5,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"HIGH","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":3.6}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:N/C:N/I:P/A:N","baseScore":4.3,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"NONE","confidentialityImpact":"NONE","integrityImpact":"PARTIAL","availabilityImpact":"NONE"},"baseSeverity":"MEDIUM","exploitabilityScore":8.6,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":true}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-640"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:sitos:sitos_six:6.2.1:*:*:*:*:*:*:*","matchCriteriaId":"760C0CF6-2D14-4152-AA7E-CAA7667104AE"}]}]}],"references":[{"url":"https://www.contextis.com/en/resources/advisories/cve-2019-15749","source":"cve@mitre.org","tags":["Third Party Advisory"]},{"url":"https://www.contextis.com/en/resources/advisories/cve-2019-15749","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]}]}}]}