CVE-2019-5503

CWE-319Cleartext Transmission3 documents3 sources
Severity
5.3MEDIUM
EPSS
0.5%
top 33.95%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Netapp Oncommand Workflow Automation
Timeline
PublishedSep 10
Latest updateMay 24

Description

OnCommand Workflow Automation versions prior to 5.0 shipped without certain HTTP Security headers configured which could allow an attacker to obtain sensitive information via unspecified vectors.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:NExploitability: 3.9 | Impact: 1.4

Affected Packages2 packages

CVEListV5netapp/oncommand_workflow_automationVersions prior to 5.0

🔴Vulnerability Details

2
GHSA
GHSA-hppf-pw38-q72w: OnCommand Workflow Automation versions prior to 52022-05-24
CVEList
CVE-2019-5503: OnCommand Workflow Automation versions prior to 52019-09-10
CVE-2019-5503 (MEDIUM CVSS 5.3) | OnCommand Workflow Automation versi | cvebase.io