Openwsman
Vulnerabilities
2
Known exploited
0
Max CVSS
7.5
Top EPSS
0.15243
Severity breakdown
Critical
0
High
2
Medium
0
Low
0
Affected version ranges
≤ 2.6.9
Also matched as (raw): openwsman
Top vulnerabilities
CVE-2019-3833Openwsman, versions up to and including 2.6.9, are vulnerable to infinite loop in process_connection() when parsing specially crafted HTTP requests. A remote, unauthenticated attacker can exploit this vulnerability by sending malicious HTTP request to cause denial of service to openwsman server.
CVE-2019-3816Openwsman, versions up to and including 2.6.9, are vulnerable to arbitrary file disclosure because the working directory of openwsmand daemon was set to root directory. A remote, unauthenticated attacker can exploit this vulnerability by sending a specially crafted HTTP request to openwsman server.