Vulnerability CVE-2019-9563


Published: 2019-03-04

Description:
In BlueMind 3.5.x before 3.5.11 Hotfix 7 and 4.x before 4.0-beta3, the contact application mishandles temporary uploads.

Type:

CWE-19

(Data Handling)

CVSS2 => (AV:N/AC:L/Au:N/C:N/I:P/A:N)

CVSS Base Score
Impact Subscore
Exploitability Subscore
5/10
2.9/10
10/10
Exploit range
Attack complexity
Authentication
Remote
Low
No required
Confidentiality impact
Integrity impact
Availability impact
None
Partial
None
Affected software
Bluemind -> Bluemind 

 References:
http://git.bluemind.net/bluemind/commit/b11aa12d3c2f4c5dac4f9059f8b6bac1bf873244
https://forum.bluemind.net/viewtopic.php?pid=8049#p8049
https://forum.bluemind.net/viewtopic.php?pid=8054#p8054

Copyright 2024, cxsecurity.com

 

Back to Top