ID CVE-2019-3833
Summary Openwsman, versions up to and including 2.6.9, are vulnerable to infinite loop in process_connection() when parsing specially crafted HTTP requests. A remote, unauthenticated attacker can exploit this vulnerability by sending malicious HTTP request to cause denial of service to openwsman server.
References
Vulnerable Configurations
  • cpe:2.3:a:openwsman_project:openwsman:2.6.9
    cpe:2.3:a:openwsman_project:openwsman:2.6.9
CVSS
Base: 5.0
Impact:
Exploitability:
CWE CWE-399
CAPEC
refmap via4
bid 107367
confirm
Last major update 14-03-2019 - 18:29
Published 14-03-2019 - 18:29
Last modified 15-03-2019 - 15:15
Back to Top