An issue was discovered in Halvotec RaQuest 10.23.10801.0. One of the exposed web services allows an anonymous user to access the list of connected users as well as the session cookie for each user. Fixed in Release 10.24.11206.1
References
Link | Resource |
---|---|
https://excellium-services.com/cert-xlm-advisory/cve-2019-19611/ | Third Party Advisory |
https://excellium-services.com/cert-xlm-advisory/cve-2019-19611/ | Third Party Advisory |
Configurations
History
21 Nov 2024, 04:35
Type | Values Removed | Values Added |
---|---|---|
References | () https://excellium-services.com/cert-xlm-advisory/cve-2019-19611/ - Third Party Advisory |
Information
Published : 2020-03-13 19:15
Updated : 2024-11-21 04:35
NVD link : CVE-2019-19611
Mitre link : CVE-2019-19611
CVE.ORG link : CVE-2019-19611
JSON object : View
Products Affected
halvotec
- raquest
CWE