CVE-2019-5641 — LOW (3.3) — White Hats Nepal

Q: How severe is CVE-2019-5641?

CVE-2019-5641 has been rated LOW with a CVSS base score of 3.3/10. Review the CVSS metrics above for detailed severity breakdown.

Q: Is there a patch for CVE-2019-5641?

Check the references section above for vendor advisories and patch information. Affected products include: Rapid7 Insightvm.

Vulnerability Description

Rapid7 InsightVM suffers from an information exposure issue whereby, when the user's session has ended due to inactivity, an attacker can use the Inspect Element browser feature to remove the login panel and view the details available in the last webpage visited by previous user

CVSS Score

3.3

LOW

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality

LOW

Integrity

NONE

Availability

NONE

Affected Products

Vendor	Product	Versions
Rapid7	Insightvm	<= 6.6.160

Related Weaknesses (CWE)

CWE-613 CWE-200

References

https://docs.rapid7.com/release-notes/insightvm/20220830/Vendor Advisory
https://docs.rapid7.com/release-notes/insightvm/20220830/Vendor Advisory

FAQ

What is CVE-2019-5641?

CVE-2019-5641 is a vulnerability with a CVSS score of 3.3 (LOW). Rapid7 InsightVM suffers from an information exposure issue whereby, when the user's session has ended due to inactivity, an attacker can use the Inspect Element browser feature to remove the login pa...

How severe is CVE-2019-5641?

CVE-2019-5641 has been rated LOW with a CVSS base score of 3.3/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2019-5641?

Check the references section above for vendor advisories and patch information. Affected products include: Rapid7 Insightvm.