CVE-2019-10184
Description
undertow before version 2.0.23.Final is vulnerable to an information leak issue. Web apps may have their directory structures predicted through requests without trailing slashes via the api.
Risk Information
Base Score
7.5
MODERATE
Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
EPSS Score
Exploitation Probability
0.68
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| Vulnerabilities CVE-2019-10184 are fixed in Undertow-undertow-servlet 2.0.23 | Windows |
| Multiple Vulnerabilities are affected in Netapp Active Iq Unified Manager 2.3 | Windows |
| Multiple Vulnerabilities are affected in Red Hat JBoss Enterprise Application Platform 7 7.0.0 | Windows |
| Multiple Vulnerabilities are affected in Red Hat JBoss Data Grid 2.3 | Windows |
| Vulnerabilities CVE-2019-10184 are fixed in Undertow-undertow-servlet for Linux 2.0.23 | Linux |
Patch Details
No records foundReferences
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234