CVE-2019-3996
6.5MEDIUMELOG 3.1.4-57bea22 and below can be used as an HTTP GET request proxy when unauthenticated remote attackers send crafted HTTP POST requests.
Опубликовано: 12/17/2019Обновлено: 11/21/2024
Описание
ELOG 3.1.4-57bea22 and below can be used as an HTTP GET request proxy when unauthenticated remote attackers send crafted HTTP POST requests.
ИИ-АнализНа базе ИИ
Затронутые продукты
elog_projectelog
fedoraprojectfedora
30
fedoraprojectfedora
31
Ссылки
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2IN3FP6VXYSD4OMUCFZNOL7MKPWRQFAL/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4IAS4HI24H2ERKBZTDEVJ3LEQEFWYSCT/
- https://www.tenable.com/security/research/tra-2019-53ExploitPatchThird Party Advisory
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2IN3FP6VXYSD4OMUCFZNOL7MKPWRQFAL/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4IAS4HI24H2ERKBZTDEVJ3LEQEFWYSCT/
- https://www.tenable.com/security/research/tra-2019-53ExploitPatchThird Party Advisory