Vulnerabilities > Plex > Medium

DATE CVE VULNERABILITY TITLE RISK
2019-11-18 CVE-2018-21031 Insufficiently Protected Credentials vulnerability in Plex Media Server 1.18.2.202936236Cc4C
Tautulli versions 2.1.38 and below allows remote attackers to bypass intended access control in Plex Media Server because the X-Plex-Token is mishandled and can be retrieved from Tautulli.
network
low complexity
plex CWE-522
6.5