CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2019-3474

A path traversal vulnerability in the web application component of Micro Focus Filr 3.x allows a remote attacker authenticated as a low privilege user to download arbitrary files from the Filr server. This vulnerability affects all versions of Filr 3.x prior to Security Update 6.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.035

EPSS Ranking 87.0%

CVSS Severity

CVSS v3 Score 6.5

CVSS v2 Score 4.0

References

https://download.novell.com/Download?buildid=nZUCSDkvpxk~
https://support.microfocus.com/kb/doc.php?id=7023726
https://www.exploit-db.com/exploits/46450/
https://download.novell.com/Download?buildid=nZUCSDkvpxk~
https://support.microfocus.com/kb/doc.php?id=7023726
https://www.exploit-db.com/exploits/46450/

Products affected by CVE-2019-3474

Microfocus » Filr » Version: 3.0

cpe:2.3:a:microfocus:filr:3.0
Suse » Suse Linux Enterprise Server » Version: 11

cpe:2.3:o:suse:suse_linux_enterprise_server:11

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2019-3474

Products

Pricing

Contact Us