PT-2019-15756 · Titanhq+1 · Webtitan+1

Published: 2019-12-02 · Updated: 2019-12-06 · CVE-2019-19015

CVSS v3.1: 10 (Critical)

Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions

TitanHQ WebTitan versions prior to 5.18

Description

An issue in the proxy service of TitanHQ WebTitan allows connections to the internal PostgreSQL database without password authentication, enabling an attacker to fully control the appliance database. This access can lead to further exploitation, including code execution.

Recommendations

For versions prior to 5.18, update to version 5.18 or later to resolve the issue. As a temporary workaround, consider restricting access to the proxy service to minimize the risk of exploitation.

Exploit

Fix

Exposure of Resource to Wrong Sphere

Weakness Enumeration

Related Identifiers

CVE-2019-19015

Affected Products

Postgresql
Webtitan