exploitDog

CVE-2019-19611

Опубликовано: 13 мар. 2020

Источник: nvd

CVSS3: 7.5

CVSS2: 5

EPSS Низкий

Описание

An issue was discovered in Halvotec RaQuest 10.23.10801.0. One of the exposed web services allows an anonymous user to access the list of connected users as well as the session cookie for each user. Fixed in Release 10.24.11206.1

Ссылки

https://excellium-services.com/cert-xlm-advisory/cve-2019-19611/
Third Party Advisory
https://excellium-services.com/cert-xlm-advisory/cve-2019-19611/
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:halvotec:raquest:10.23.10801.0:*:*:*:*:*:*:*

EPSS

Процентиль: 60%

0.00391

Низкий

7.5 High

CVSS3

5 Medium

CVSS2

Дефекты

NVD-CWE-noinfo

Связанные уязвимости

GHSA-6grm-2hwh-cmr4

github

больше 3 лет назад

An issue was discovered in Halvotec RaQuest 10.23.10801.0. One of the exposed web services allows an anonymous user to access the list of connected users as well as the session cookie for each user.

EPSS

Процентиль: 60%

0.00391

Низкий

7.5 High

CVSS3

5 Medium

CVSS2

Дефекты

NVD-CWE-noinfo