CVE-2019-3833

Openwsman, versions up to and including 2.6.9, are vulnerable to infinite loop in process_connection() when parsing specially crafted HTTP requests. A remote, unauthenticated attacker can exploit this vulnerability by sending malicious HTTP request to cause denial of service to openwsman server.

Published : 2019-03-14 22:29 Updated : 2019-04-17 18:08

5.0
CVSS Score More info
Score 5.0 / 10
5.0
Vendor Product Version URI
Openwsman Project Openwsman 2.6.9 cpe:/a:openwsman_project:openwsman:2.6.9
Fedoraproject Fedora 28 cpe:/o:fedoraproject:fedora:28
Fedoraproject Fedora 29 cpe:/o:fedoraproject:fedora:29
Fedoraproject Fedora 30 cpe:/o:fedoraproject:fedora:30
Opensuse Leap 15.0 cpe:/o:opensuse:leap:15.0
Opensuse Leap 42.3 cpe:/o:opensuse:leap:42.3
  1. Openwsman Project (1) Search CVE
    1. Openwsman (1) Search CVE
      1. 2.6.9
  2. Opensuse (1) Search CVE
    1. Leap (2) Search CVE
      1. 15.0
      2. 42.3
  3. Fedoraproject (1) Search CVE
    1. Fedora (3) Search CVE
      1. 28
      2. 29
      3. 30

CWE

ID Name Description Links
CWE-399 Resource Management Errors Weaknesses in this category are related to improper management of system resources. CVE

History of changes

Date Event
2019-04-17 18:08
2019-04-16 23:29
2019-03-15 19:15
2019-03-15 10:29
2019-03-14 22:29

New CVE