CVE-2019-3897

It has been discovered in redhat-certification that any unauthorized user may download any file under /var/www/rhcert, provided they know its name. Red Hat Certification 6 and 7 is vulnerable to this issue.
References
Link Resource
https://bugzilla.redhat.com/show_bug.cgi?id=1593768 Issue Tracking Vendor Advisory
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

AND
cpe:2.3:a:redhat:certification:-:*:*:*:*:*:*:*
OR cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*

Information

Published : 2021-03-16 15:15

Updated : 2021-03-22 12:51


NVD link : CVE-2019-3897

Mitre link : CVE-2019-3897


JSON object : View

CWE
CWE-552

Files or Directories Accessible to External Parties

Advertisement

dedicated server usa

Products Affected

redhat

  • certification
  • enterprise_linux