← Voltar para CVEs
CVE-2019-10137
N/ADescricao
A path traversal flaw was found in spacewalk-proxy, all versions through 2.9, in the way the proxy processes cached client tokens. A remote, unauthenticated attacker could use this flaw to test the existence of arbitrary files, if they have access to the proxy's filesystem, or can execute arbitrary code in the context of the httpd process.
Detalhes CVE
Pontuacao CVSS v3.1N/A
Publicado7/2/2019
Ultima modificacao11/21/2024
Fontenvd
Avistamentos honeypot0
Produtos afetados
redhat:satelliteredhat:spacewalk
Fraquezas (CWE)
CWE-22CWE-22
Referencias
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10137(secalert@redhat.com)
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10137(af854a3a-2127-422b-91ae-364da2661108)
Correlacoes IOC
Sem correlacoes registradas
This product uses data from the NVD API but is not endorsed or certified by the NVD.