VDB
CVE-2019-10157
CVE-2019-10157
PUBLISHED
CVSS 8.699999809265137 HIGH
In Red Hat Single Sign On existiert eine Schwachstelle. Die Schwachstelle existiert aufgrund einer fehlenden Validierung von Zertifikaten, in dessen Folge der Benutzer ausgeloggt wird und sich nicht mehr einloggen kann. Ein lokaler Angreifer kann diese Schwachstelle ausnutzen, um einen Denial of Service Zustand zu erzeugen.
EPSS 0.02% · 5.4th percentile
Risk Scores
CVSS 4.0
8.699999809265137
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
EPSS Score
0.02%
5.4th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Amazon | Amazon Linux 2 | |
| Red Hat | Red Hat Single Sign On 7.3 | |
| Red Hat | Red Hat Enterprise Linux |
Exploit Intelligence
- https://github.com/qazbnm456/awesome-cve-poc (certbund)
- https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10157 (circl)
- 108734 (circl)
Timeline
- Jun 11, 2019 CVE Published
- Apr 14, 2021 EPSS Score
- Jun 23, 2021 EPSS Score
- Aug 24, 2021 EPSS Score
- Oct 26, 2021 EPSS Score
- Dec 27, 2021 EPSS Score
- Feb 28, 2022 EPSS Score
- Apr 1, 2022 EPSS Score
- May 1, 2022 EPSS Score
- Jul 3, 2022 EPSS Score
- Sep 4, 2022 EPSS Score
- Nov 6, 2022 EPSS Score
References
- https://wid.cert-bund.de/.well-known/csaf/white/2019/wid-sec-w-2022-1947.json advisory
- https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2022-1947 advisory
- https://access.redhat.com/errata/RHSA-2023:5693 advisory
- https://access.redhat.com/errata/RHSA-2019:1456 advisory
- https://access.redhat.com/errata/RHSA-2019:2439 advisory
- https://access.redhat.com/errata/RHSA-2020:0132 advisory
- https://access.redhat.com/errata/RHSA-2020:0133 advisory
- https://access.redhat.com/errata/RHSA-2019:2587 advisory
- https://access.redhat.com/errata/RHSA-2019:3023 advisory
- https://access.redhat.com/errata/RHSA-2019:3024 advisory
- https://github.com/qazbnm456/awesome-cve-poc exploit
- https://access.redhat.com/errata/RHSA-2020:1325 advisory
- https://access.redhat.com/errata/RHSA-2020:2412 advisory
- https://access.redhat.com/errata/RHSA-2020:3247 advisory
- https://access.redhat.com/errata/RHSA-2020:3936 advisory
- https://access.redhat.com/errata/RHSA-2020:4670 advisory
- https://access.redhat.com/errata/RHSA-2020:4847 advisory
- https://access.redhat.com/errata/RHSA-2020:5581 advisory
- https://access.redhat.com/errata/RHSA-2020:5571 advisory
- https://access.redhat.com/errata/RHSA-2022:7343 advisory
…and 4 more