Openwsman Openwsmanproject Openwsman

stack.watch can email you when security vulnerabilities are reported in Openwsmanproject Openwsman. You can add multiple products that you use with Openwsman to create your own personal software stack watcher.

By the Year

In 2021 there have been 0 vulnerabilities in Openwsmanproject Openwsman . Openwsman did not have any published security vulnerabilities last year.

Year Vulnerabilities Average Score
2021 0 0.00
2020 0 0.00
2019 2 7.50
2018 0 0.00

It may take a day or so for new Openwsman vulnerabilities to show up. Additionally vulnerabilities may be tagged under a different product or component name.

Latest Openwsmanproject Openwsman Security Vulnerabilities

Openwsman, versions up to and including 2.6.9, are vulnerable to arbitrary file disclosure

CVE-2019-3816 7.5 - High - March 14, 2019

Openwsman, versions up to and including 2.6.9, are vulnerable to arbitrary file disclosure because the working directory of openwsmand daemon was set to root directory. A remote, unauthenticated attacker can exploit this vulnerability by sending a specially crafted HTTP request to openwsman server.

CVE-2019-3816 is exploitable with network access, and does not require authorization privledges or user interaction. This vulnerability is considered to have a low attack complexity. It has the highest possible exploitability rating (3.9). The potential impact of an exploit of this vulnerability is considered to have a high impact on confidentiality, with no impact on integrity and availability.

Information Leak

Openwsman

CVE-2019-3833 7.5 - High - March 14, 2019

Openwsman, versions up to and including 2.6.9, are vulnerable to infinite loop in process_connection() when parsing specially crafted HTTP requests. A remote, unauthenticated attacker can exploit this vulnerability by sending malicious HTTP request to cause denial of service to openwsman server.

CVE-2019-3833 can be explotited with network access, and does not require authorization privledges or user interaction. This vulnerability is considered to have a low attack complexity. It has the highest possible exploitability rating (3.9). The potential impact of an exploit of this vulnerability is considered to have no impact on confidentiality and integrity, and a high impact on availability.

Resource Management Errors