CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Kirona: >> Dynamic Resource Scheduling >> 5.5.3.5 Security Vulnerabilities

CVE-2019-17504

An issue was discovered in Kirona Dynamic Resource Scheduling (DRS) 5.5.3.5. A reflected Cross-site scripting (XSS) vulnerability allows remote attackers to inject arbitrary web script via the /osm/report/ password parameter.

CVSS Score

6.1

EPSS Score

0.004

Published

2019-10-11

CVE-2019-17503

An issue was discovered in Kirona Dynamic Resource Scheduling (DRS) 5.5.3.5. An unauthenticated user can access /osm/REGISTER.cmd (aka /osm_tiles/REGISTER.cmd) directly: it contains sensitive information about the database through the SQL queries within this batch file. This file exposes SQL database information such as database version, table name, column name, etc.

CVSS Score

5.3

EPSS Score

0.902

Published

2019-10-11

Page 1

Vulnerabilities

Vulnerable Software

Kirona: >> Dynamic Resource Scheduling >> 5.5.3.5 Security Vulnerabilities

Products

Pricing

Contact Us