09 Mai 2019
Vulnérabilité CVE-2019-0226 CVE Vulnerability
Apache Karaf Config service provides a install method (via service or MBean) that could be used to travel in any directory and overwrite existing file. The vulnerability is low if the Karaf process user has limited permission on the filesystem. Any Apache Karaf version before 4.2.5 is impacted. User should upgrade to Apache Karaf 4.2.5 or later. (CVSS:5.5) (Last Update:2019-05-10)
Vulnerability Details : Apache Karaf Config service provides a install method (via service or MBean) that could be used to travel in any directory and overwrite existing file. The vulnerability is low if the Karaf process user has limited permission on the filesystem. Any Apache Karaf version before 4.2.5 is impacted. User should upgrade to Apache Karaf 4.2.5 or later. Publish Date : 2019-05-09 Last Update Date : 2019-05-10 - CVSS Scores & Vulnerability Types
- Products Affected By CVE-2019-0226- Number Of Affected Versions By Product
- References For CVE-2019-0226
| |||||||||||||||||||||||||||||||||
- Metasploit Modules Related To CVE-2019-0226There are not any metasploit modules related to this CVE entry (Please visit www.metasploit.com for more information) |