Vulnerability Description
Aquaverde GmbH Aquarius CMS prior to version 4.1.1 is affected by: Incorrect Access Control. The impact is: The access to the log file is not restricted. It contains sensitive information like passwords etc. The component is: log file. The attack vector is: open the file.
CVSS Score
CRITICAL
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Aquaverde | Aquarius Cms | < 4.1.1 |
Related Weaknesses (CWE)
References
- https://github.com/aquaverde/aquarius-coreThird Party Advisory
- https://github.com/aquaverde/aquarius-core/commit/e1af89aa9df07ea265d879518ede9ePatchThird Party Advisory
- https://github.com/aquaverde/aquarius-coreThird Party Advisory
- https://github.com/aquaverde/aquarius-core/commit/e1af89aa9df07ea265d879518ede9ePatchThird Party Advisory
FAQ
What is CVE-2019-1010308?
CVE-2019-1010308 is a vulnerability with a CVSS score of 9.8 (CRITICAL). Aquaverde GmbH Aquarius CMS prior to version 4.1.1 is affected by: Incorrect Access Control. The impact is: The access to the log file is not restricted. It contains sensitive information like passwor...
How severe is CVE-2019-1010308?
CVE-2019-1010308 has been rated CRITICAL with a CVSS base score of 9.8/10. This is considered a critical vulnerability requiring immediate attention.
Is there a patch for CVE-2019-1010308?
Check the references section above for vendor advisories and patch information. Affected products include: Aquaverde Aquarius Cms.