CVE-2019-17087

EPSS 0.32%
Published 11.12.2019 23:15:10
Last modified 21.11.2024 04:31:40
Source security@opentext.com
Teams watchlist Login
Open Login

Unauthorized file download vulnerability in all supported versions of Micro Focus AcuToWeb. The vulnerability could be exploited to enumerate and download files from the filesystem of the system running AcuToWeb, with the privileges of the account AcuToWeb is running under.

Affected products Warnungen 0 Metrics 3 CWE 0 References 4

Data is provided by the National Vulnerability Database (NVD)

Microfocus ≫ Acutoweb Version < 10.3

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	0.32%	0.516

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	7.5	3.9	3.6	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
nvd@nist.gov	5	10	2.9	AV:N/AC:L/Au:N/C:P/I:N/A:N

https://softwaresupport.softwaregrp.com/doc/KM03569662

https://nvd.nist.gov/vuln/detail/CVE-2019-17087

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2019-17087

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2019-17087

EUVD