Lucene search

[email protected]NVD:CVE-2019-19249

HistoryNov 25, 2019 - 5:15 p.m.

CVE-2019-19249

2019-11-2517:15:11

CWE-20

[email protected]

web.nvd.nist.gov

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

CVSS3

9.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

AI Score

9.5

Confidence

High

EPSS

0.002

Percentile

64.7%

JSON

Controllers/InvitationsController.cs in QueryTree before 3.0.99-beta mishandles invitations.

Affected configurations

Nvd

Node

querytreeappquerytreeMatch3.0.11beta

querytreeappquerytreeMatch3.0.13beta

querytreeappquerytreeMatch3.0.15beta

querytreeappquerytreeMatch3.0.17beta

querytreeappquerytreeMatch3.0.19beta

querytreeappquerytreeMatch3.0.21beta

querytreeappquerytreeMatch3.0.25beta

querytreeappquerytreeMatch3.0.27beta

querytreeappquerytreeMatch3.0.29beta

querytreeappquerytreeMatch3.0.31beta

querytreeappquerytreeMatch3.0.36beta

querytreeappquerytreeMatch3.0.39beta

querytreeappquerytreeMatch3.0.41beta

querytreeappquerytreeMatch3.0.43beta

querytreeappquerytreeMatch3.0.45beta

querytreeappquerytreeMatch3.0.49beta

querytreeappquerytreeMatch3.0.51beta

querytreeappquerytreeMatch3.0.53beta

querytreeappquerytreeMatch3.0.55beta

querytreeappquerytreeMatch3.0.57beta

querytreeappquerytreeMatch3.0.59beta

querytreeappquerytreeMatch3.0.61beta

querytreeappquerytreeMatch3.0.63beta

querytreeappquerytreeMatch3.0.65beta

querytreeappquerytreeMatch3.0.69beta

querytreeappquerytreeMatch3.0.71beta

querytreeappquerytreeMatch3.0.73beta

querytreeappquerytreeMatch3.0.76beta

querytreeappquerytreeMatch3.0.79beta

querytreeappquerytreeMatch3.0.83beta

querytreeappquerytreeMatch3.0.85beta

querytreeappquerytreeMatch3.0.88beta

querytreeappquerytreeMatch3.0.90beta

querytreeappquerytreeMatch3.0.92beta

querytreeappquerytreeMatch3.0.95beta

querytreeappquerytreeMatch3.0.97beta

querytreeappquerytreeMatch3.0.99beta

VendorProductVersionCPE
querytreeappquerytree3.0.11cpe:2.3:a:querytreeapp:querytree:3.0.11:beta:*:*:*:*:*:*
querytreeappquerytree3.0.13cpe:2.3:a:querytreeapp:querytree:3.0.13:beta:*:*:*:*:*:*
querytreeappquerytree3.0.15cpe:2.3:a:querytreeapp:querytree:3.0.15:beta:*:*:*:*:*:*
querytreeappquerytree3.0.17cpe:2.3:a:querytreeapp:querytree:3.0.17:beta:*:*:*:*:*:*
querytreeappquerytree3.0.19cpe:2.3:a:querytreeapp:querytree:3.0.19:beta:*:*:*:*:*:*
querytreeappquerytree3.0.21cpe:2.3:a:querytreeapp:querytree:3.0.21:beta:*:*:*:*:*:*
querytreeappquerytree3.0.25cpe:2.3:a:querytreeapp:querytree:3.0.25:beta:*:*:*:*:*:*
querytreeappquerytree3.0.27cpe:2.3:a:querytreeapp:querytree:3.0.27:beta:*:*:*:*:*:*
querytreeappquerytree3.0.29cpe:2.3:a:querytreeapp:querytree:3.0.29:beta:*:*:*:*:*:*
querytreeappquerytree3.0.31cpe:2.3:a:querytreeapp:querytree:3.0.31:beta:*:*:*:*:*:*

Vendor	Product	Version	CPE
querytreeapp	querytree	3.0.11	cpe:2.3:a:querytreeapp:querytree:3.0.11:beta::::::
querytreeapp	querytree	3.0.13	cpe:2.3:a:querytreeapp:querytree:3.0.13:beta::::::
querytreeapp	querytree	3.0.15	cpe:2.3:a:querytreeapp:querytree:3.0.15:beta::::::
querytreeapp	querytree	3.0.17	cpe:2.3:a:querytreeapp:querytree:3.0.17:beta::::::
querytreeapp	querytree	3.0.19	cpe:2.3:a:querytreeapp:querytree:3.0.19:beta::::::
querytreeapp	querytree	3.0.21	cpe:2.3:a:querytreeapp:querytree:3.0.21:beta::::::
querytreeapp	querytree	3.0.25	cpe:2.3:a:querytreeapp:querytree:3.0.25:beta::::::
querytreeapp	querytree	3.0.27	cpe:2.3:a:querytreeapp:querytree:3.0.27:beta::::::
querytreeapp	querytree	3.0.29	cpe:2.3:a:querytreeapp:querytree:3.0.29:beta::::::
querytreeapp	querytree	3.0.31	cpe:2.3:a:querytreeapp:querytree:3.0.31:beta::::::

Rows per page:

1-10 of 371

References

github.com/d4software/QueryTree/commit/57b700823f8eb1a42eb3bc0c706fbe5e5f5e766f

github.com/d4software/QueryTree/compare/3.0.97-beta...3.0.99-beta

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

CVSS3

9.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

AI Score

9.5

Confidence

High

EPSS

0.002

Percentile

64.7%

JSON

Related for NVD:CVE-2019-19249

cvelist1 cve1 osv1 prion1