CVE-2019-3816

Openwsman, versions up to and including 2.6.9, are vulnerable to arbitrary file disclosure because the working directory of openwsmand daemon was set to root directory. A remote, unauthenticated attacker can exploit this vulnerability by sending a specially crafted HTTP request to openwsman server.

Published : 2019-03-14 22:29 Updated : 2019-03-21 16:01

5.0
CVSS Score More info
Score 5.0 / 10
5.0
Vendor Product Version URI
Openwsman Project Openwsman 2.6.9 cpe:/a:openwsman_project:openwsman:2.6.9
  1. Openwsman Project (1) Search CVE
    1. Openwsman (1) Search CVE
      1. 2.6.9

CWE

ID Name Description Links
CWE-200 Information Exposure An information exposure is the intentional or unintentional disclosure of information to an actor that is not explicitly authorized to have access to that information. CVE

History of changes

Date Event
2019-03-21 16:01
2019-03-15 19:19
2019-03-15 10:29
2019-03-14 22:29

New CVE