vulnerability

Ubuntu: (CVE-2019-3816): openwsman vulnerability

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
5	(AV:N/AC:L/Au:N/C:P/I:N/A:N)	Mar 14, 2019	Jun 26, 2025	Jun 26, 2025

Severity

CVSS

(AV:N/AC:L/Au:N/C:P/I:N/A:N)

Published

Mar 14, 2019

Added

Jun 26, 2025

Modified

Jun 26, 2025

Description

Openwsman, versions up to and including 2.6.9, are vulnerable to arbitrary file disclosure because the working directory of openwsmand daemon was set to root directory. A remote, unauthenticated attacker can exploit this vulnerability by sending a specially crafted HTTP request to openwsman server.

Solution

no-fix-ubuntu-package

References

CVE-2019-3816
https://attackerkb.com/topics/CVE-2019-3816
URL-http://bugzilla.suse.com/show_bug.cgi?id=1122623
URL-https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3816
URL-https://www.cve.org/CVERecord?id=CVE-2019-3816

NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today