Vulnerability Details : CVE-2019-17087
Unauthorized file download vulnerability in all supported versions of Micro Focus AcuToWeb. The vulnerability could be exploited to enumerate and download files from the filesystem of the system running AcuToWeb, with the privileges of the account AcuToWeb is running under.
Published
2019-12-11 23:15:11
Updated
2021-07-21 11:39:24
Products affected by CVE-2019-17087
- cpe:2.3:a:microfocus:acutoweb:*:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2019-17087
0.17%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 53 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2019-17087
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
5.0
|
MEDIUM | AV:N/AC:L/Au:N/C:P/I:N/A:N |
10.0
|
2.9
|
NIST | |
7.5
|
HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N |
3.9
|
3.6
|
NIST |
References for CVE-2019-17087
-
https://softwaresupport.softwaregrp.com/doc/KM03569662
MySupport - Micro Focus Software SupportVendor Advisory
Jump to