Vulnerabilities
Vulnerable Software

Vulnerability Details CVE-2019-7617

When the Elastic APM agent for Python versions before 5.1.0 is run as a CGI script, there is a variable name clash flaw if a remote attacker can control the proxy header. This could result in an attacker redirecting collected APM data to a proxy of their choosing.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 44.0%
CVSS Severity
CVSS v3 Score 7.2
CVSS v2 Score 6.4
Products affected by CVE-2019-7617


Contact Us

Shodan ® - All rights reserved