CVE-2019-10184 Vulnerability Details
/
/
/
CVE-2019-10184 Metadata Quick Info
CVE Published: 25/07/2019 |
CVE Updated: 04/08/2024 |
CVE Year: 2019
Source: redhat |
Vendor: undertow-io |
Product: undertow
Status : PUBLISHED
CVE-2019-10184 Description
undertow before version 2.0.23.Final is vulnerable to an information leak issue. Web apps may have their directory structures predicted through requests without trailing slashes via the api.
Metrics
CVSS Version: 3.1 |
Base Score: n/a
Vector: n/a
l➤ Exploitability Metrics:
Attack Vector (AV)*
Attack Complexity (AC)*
Privileges Required (PR)*
User Interaction (UI)*
Scope (S)*
l➤ Impact Metrics:
Confidentiality Impact (C)*
Integrity Impact (I)*
Availability Impact (A)*
Weakness Enumeration (CWE)
CWE-ID: CWE-862
CWE Name: CWE-862
Source: undertow-io
Common Attack Pattern Enumeration and Classification (CAPEC)
CAPEC-ID:
CAPEC Description:
Source: NVD (National Vulnerability Database).