CVE Vulnerabilities

CVE-2019-9530

Published: Oct 10, 2019 | Modified: Oct 26, 2021

CVSS 3.x

5.5

MEDIUM

Source:

NVD

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

CVSS 2.x

4.9 MEDIUM

RedHat/V2

RedHat/V3

Ubuntu

Additional information

NVD	https://nvd.nist.gov/vuln/detail/CVE-2019-9530
CWE	https://cwe.mitre.org/data/definitions/NVD-Other.html

The web root directory of the Cobham EXPLORER 710, firmware version 1.07, has no access restrictions on downloading and reading all files. This could allow an unauthenticated, local attacker connected to the device to access and download any file found in the web root directory.

Affected Software

Name	Vendor	Start Version	End Version
Explorer_710_firmware	Cobham	1.07 (including)	1.07 (including)

References

https://kb.cert.org/vuls/id/719689/

Aqua Container Security

Aqua Security is the largest pure-play cloud native security company, providing customers the freedom to innovate and run their businesses with minimal friction. The Aqua Cloud Native Security Platform provides prevention, detection, and response automation across the entire application lifecycle to secure the build, secure cloud infrastructure and secure running workloads wherever they are deployed.