CVE-2019-3897

It has been discovered in redhat-certification that any unauthorized user may download any file under /var/www/rhcert, provided they know its name. Red Hat Certification 6 and 7 is vulnerable to this issue.
References
Link Resource
https://bugzilla.redhat.com/show_bug.cgi?id=1593768 Issue Tracking Vendor Advisory
Configurations

Configuration 1 (hide)

AND
cpe:2.3:a:redhat:certification:-:*:*:*:*:*:*:*
OR cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*

History

No history.

Information

Published : 2021-03-16 22:15

Updated : 2024-02-28 18:08


NVD link : CVE-2019-3897

Mitre link : CVE-2019-3897

CVE.ORG link : CVE-2019-3897


JSON object : View

Products Affected

redhat

  • certification
  • enterprise_linux
CWE
CWE-552

Files or Directories Accessible to External Parties