CVE Vulnerability
CVE-2019-17503
An issue was discovered in Kirona Dynamic Resource Scheduling (DRS) 5.5.3.5. An unauthenticated user can access /osm/REGISTER.cmd (aka /osm_tiles/REGISTER.cmd) directly: it contains sensitive information about the database through the SQL queries within this batch file. This file exposes SQL database information such as database version, table name, column name, etc.
References
| Link | Resource |
|---|---|
| https://github.com/Ramikan/Vulnerabilities/blob/master/Kirona-DRS%205.5.3.5%20Multiple%20Vulnerabilities | Exploit Third Party Advisory |
| http://packetstormsecurity.com/files/154838/Kirona-DRS-5.5.3.5-Information-Disclosure.html | Exploit Third Party Advisory |
Configurations
Configuration 1
|
Information
Published : 2019-10-11 05:15
Updated : 2021-07-21 11:39
NVD link : CVE-2019-17503
Mitre link : CVE-2019-17503
Products Affected
No products.
CWE
CWE-425
Direct Request ('Forced Browsing')