CVE-2019-10184 Vulnerability Details

  /     /     /  

CVE-2019-10184 Metadata Quick Info

CVE Published: 25/07/2019 | CVE Updated: 04/08/2024 | CVE Year: 2019
Source: redhat | Vendor: undertow-io | Product: undertow
Status : PUBLISHED

CVE-2019-10184 Description

undertow before version 2.0.23.Final is vulnerable to an information leak issue. Web apps may have their directory structures predicted through requests without trailing slashes via the api.

Metrics

CVSS Version: 3.1 | Base Score: n/a
Vector: n/a

l➤ Exploitability Metrics:
    Attack Vector (AV)*
    Attack Complexity (AC)*
    Privileges Required (PR)*
    User Interaction (UI)*
    Scope (S)*

l➤ Impact Metrics:
    Confidentiality Impact (C)*
    Integrity Impact (I)*
    Availability Impact (A)*

Weakness Enumeration (CWE)

CWE-ID: CWE-862
CWE Name: CWE-862
Source: undertow-io

Common Attack Pattern Enumeration and Classification (CAPEC)

CAPEC-ID:
CAPEC Description:


Source: NVD (National Vulnerability Database).