CVE-2019-14841

EPSS 0.17%
Published 17.10.2022 16:15:15
Last modified 13.05.2025 21:15:58
Source secalert@redhat.com
Teams watchlist Login
Open Login

A flaw was found in the RHDM, where an authenticated attacker can change their assigned role in the response header. This flaw allows an attacker to gain admin privileges in the Business Central Console.

Affected products Warnungen 0 Metrics 3 CWE 1 References 5

Data is provided by the National Vulnerability Database (NVD)

Redhat ≫ Decision Manager Version7.0

Redhat ≫ Process Automation Version7.0

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	0.17%	0.392

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	8.8	2.8	5.9	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
134c704f-9b21-4f2e-91b3-4a467353bcc0	8.8	2.8	5.9	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CWE-281 Improper Preservation of Permissions

The product does not preserve permissions or incorrectly preserves permissions when copying, restoring, or sharing objects, which can cause them to have less restrictive permissions than intended.

https://access.redhat.com/security/cve/CVE-2019-14841

Vendor Advisory

https://bugzilla.redhat.com/show_bug.cgi?id=1744801

Vendor Advisory

Issue Tracking

https://nvd.nist.gov/vuln/detail/CVE-2019-14841

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2019-14841

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2019-14841

EUVD