PT-2019-17861 · Nablarch · Nablarch

Publicado

2019-03-12

Atualizado

2022-05-13

CVE-2019-5919

CVSS v3.1

9.1

Crítica

Vetor

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

Name of the Vulnerable Software and Affected Versions Nablarch versions 5 through 5u13

Description The issue is related to an incomplete cryptography implementation in the data store function of Nablarch, which uses a hidden tag. This allows remote attackers to obtain stored data information, register invalid values, or alter existing values via unspecified vectors.

Recommendations For Nablarch versions 5 through 5u13, at the moment, there is no information about a newer version that contains a fix for this vulnerability.

Use of a Broken Cryptographic Algorithm

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-327

Identificadores relacionados

CVE-2019-5919

GHSA-HMX6-GC2P-5P82

Produtos afetados

Nablarch

PT-2019-17861 · Nablarch · Nablarch

CVE-2019-5919

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 7