CVE-2019-0181

Name of the Vulnerable Software and Affected Versions Open Cloud Integrity Technology (affected versions not specified) OpenAttestation (affected versions not specified)

Description The issue is related to errors in input validation in Open Cloud Integrity Technology and OpenAttestation. It may allow an attacker to elevate privileges using a specially crafted request. Insufficient password protection in the attestation database for Open CIT may enable information disclosure via local access for authenticated users.

Recommendations For Open Cloud Integrity Technology, consider restricting access to the attestation database to minimize the risk of information disclosure. For OpenAttestation, as a temporary workaround, consider disabling local access to the attestation database until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.