vulnerability

Huawei EulerOS: CVE-2019-3816: openwsman security update

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
5	(AV:N/AC:L/Au:N/C:P/I:N/A:N)	Mar 14, 2019	May 7, 2019	Nov 27, 2024

Severity

CVSS

(AV:N/AC:L/Au:N/C:P/I:N/A:N)

Published

Mar 14, 2019

Added

May 7, 2019

Modified

Nov 27, 2024

Description

Openwsman, versions up to and including 2.6.9, are vulnerable to arbitrary file disclosure because the working directory of openwsmand daemon was set to root directory. A remote, unauthenticated attacker can exploit this vulnerability by sending a specially crafted HTTP request to openwsman server.

Solution(s)

huawei-euleros-2_0_sp3-upgrade-libwsman1huawei-euleros-2_0_sp3-upgrade-openwsman-clienthuawei-euleros-2_0_sp3-upgrade-openwsman-server

References

CVE-2019-3816
https://attackerkb.com/topics/CVE-2019-3816
EULEROS-EulerOS-SA-2019-1330

NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today