vulnerability

Huawei EulerOS: CVE-2019-3816: openwsman security update

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
5	(AV:N/AC:L/Au:N/C:P/I:N/A:N)	Mar 14, 2019	May 7, 2019	Aug 13, 2025

Severity

CVSS

(AV:N/AC:L/Au:N/C:P/I:N/A:N)

Published

Mar 14, 2019

Added

May 7, 2019

Modified

Aug 13, 2025

Description

Openwsman, versions up to and including 2.6.9, are vulnerable to arbitrary file disclosure because the working directory of openwsmand daemon was set to root directory. A remote, unauthenticated attacker can exploit this vulnerability by sending a specially crafted HTTP request to openwsman server.

Solutions

huawei-euleros-2_0_sp5-upgrade-libwsman1huawei-euleros-2_0_sp5-upgrade-openwsman-clienthuawei-euleros-2_0_sp5-upgrade-openwsman-pythonhuawei-euleros-2_0_sp5-upgrade-openwsman-server

References

CVE-2019-3816
https://attackerkb.com/topics/CVE-2019-3816
CWE-22
EULEROS-EulerOS-SA-2019-1331

NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today