9.8
CVSSv3

CVE-2019-9827

Published: 03/07/2019 Updated: 10/07/2019
CVSS v2 Base Score: 7.5 | Impact Score: 6.4 | Exploitability Score: 10
CVSS v3 Base Score: 9.8 | Impact Score: 5.9 | Exploitability Score: 3.9
VMScore: 668
Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

Vulnerability Summary

Hawt Hawtio up to and including 2.5.0 is vulnerable to SSRF, allowing a remote malicious user to trigger an HTTP request from an affected server to an arbitrary host via the initial /proxy/ substring of a URI.

Vulnerable Product

hawt hawtio

Vendor Advisories

Synopsis: Important: Red Hat JBoss Fuse/A-MQ 6.3 R17 security and bug fix update. Type/Severity: Security Advisory: Important. Topic: An update is now available for Red Hat JBoss Fuse 6.3 and Red Hat JBoss A-MQ 6.3. Red Hat Product Security has rated this update as having a security impact of Important. A Common ...
Synopsis: Moderate: Red Hat AMQ Broker 7.8 release and security update. Type/Severity: Security Advisory: Moderate. Topic: Red Hat AMQ Broker 7.8 is now available from the Red Hat Customer Portal. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scorin ...
Synopsis: Moderate: Red Hat AMQ Broker 7.4.5 release and security update. Type/Severity: Security Advisory: Moderate. Topic: Red Hat AMQ Broker 7.4.5 is now available from the Red Hat Customer Portal. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Sc ...
Synopsis: Important: Red Hat Fuse 7.7.0 release and security update. Type/Severity: Security Advisory: Important. Topic: A minor version update (from 7.6 to 7.7) is now available for Red Hat Fuse. The purpose of this text-only errata is to inform you about the security issues fixed in this release. Red Hat Produc ...
Impact: Moderate | Public Date: 2019-06-27 | CWE: CWE-602 | Bugzilla: 1728604: CVE-2019-9827 hawtio: server s ...

Exploits

Hawtio versions 2.5.0 and below suffer from a server side request forgery vulnerability ...