CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2019-17503

An issue was discovered in Kirona Dynamic Resource Scheduling (DRS) 5.5.3.5. An unauthenticated user can access /osm/REGISTER.cmd (aka /osm_tiles/REGISTER.cmd) directly: it contains sensitive information about the database through the SQL queries within this batch file. This file exposes SQL database information such as database version, table name, column name, etc.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.902

EPSS Ranking 99.6%

CVSS Severity

CVSS v3 Score 5.3

CVSS v2 Score 5.0

References

http://packetstormsecurity.com/files/154838/Kirona-DRS-5.5.3.5-Information-Disclosure.html
https://github.com/Ramikan/Vulnerabilities/blob/master/Kirona-DRS%205.5.3.5%20Multiple%20Vulnerabilities
http://packetstormsecurity.com/files/154838/Kirona-DRS-5.5.3.5-Information-Disclosure.html
https://github.com/Ramikan/Vulnerabilities/blob/master/Kirona-DRS%205.5.3.5%20Multiple%20Vulnerabilities

Products affected by CVE-2019-17503

Kirona » Dynamic Resource Scheduling » Version: 5.5.3.5

cpe:2.3:a:kirona:dynamic_resource_scheduling:5.5.3.5

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2019-17503

Products

Pricing

Contact Us