High severity7.5NVD Advisory· Published Mar 14, 2019· Updated Jun 17, 2026
CVE-2019-3816
CVE-2019-3816
Description
Openwsman, versions up to and including 2.6.9, are vulnerable to arbitrary file disclosure because the working directory of openwsmand daemon was set to root directory. A remote, unauthenticated attacker can exploit this vulnerability by sending a specially crafted HTTP request to openwsman server.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
15- osv-coords13 versionspkg:rpm/opensuse/openwsman&distro=openSUSE%20Leap%2015.0pkg:rpm/suse/openwsman&distro=SUSE%20Linux%20Enterprise%20Desktop%2012%20SP3pkg:rpm/suse/openwsman&distro=SUSE%20Linux%20Enterprise%20Desktop%2012%20SP4pkg:rpm/suse/openwsman&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Server%20Applications%2015pkg:rpm/suse/openwsman&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP4pkg:rpm/suse/openwsman&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP3pkg:rpm/suse/openwsman&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP4pkg:rpm/suse/openwsman&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2011%20SP4pkg:rpm/suse/openwsman&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP3pkg:rpm/suse/openwsman&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP4pkg:rpm/suse/openwsman&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2011%20SP4pkg:rpm/suse/openwsman&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2012%20SP3pkg:rpm/suse/openwsman&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2012%20SP4
< 2.6.7-lp150.2.3.1+ 12 more
- (no CPE)range: < 2.6.7-lp150.2.3.1
- (no CPE)range: < 2.4.11-21.8.1
- (no CPE)range: < 2.4.11-21.8.1
- (no CPE)range: < 2.6.7-3.3.1
- (no CPE)range: < 2.2.3-0.16.8.1
- (no CPE)range: < 2.4.11-21.8.1
- (no CPE)range: < 2.4.11-21.8.1
- (no CPE)range: < 2.2.3-0.16.8.1
- (no CPE)range: < 2.4.11-21.8.1
- (no CPE)range: < 2.4.11-21.8.1
- (no CPE)range: < 2.2.3-0.16.8.1
- (no CPE)range: < 2.4.11-21.8.1
- (no CPE)range: < 2.4.11-21.8.1
Patches
Vulnerability mechanics
References
11- bugzilla.suse.com/show_bug.cginvdIssue TrackingThird Party Advisory
- lists.opensuse.org/opensuse-security-announce/2019-04/msg00006.htmlnvdMailing ListThird Party Advisory
- lists.opensuse.org/opensuse-security-announce/2019-04/msg00065.htmlnvdMailing ListThird Party Advisory
- www.securityfocus.com/bid/107368nvdThird Party AdvisoryVDB Entry
- www.securityfocus.com/bid/107409nvdThird Party AdvisoryVDB Entry
- access.redhat.com/errata/RHSA-2019:0638nvdThird Party Advisory
- access.redhat.com/errata/RHSA-2019:0972nvdThird Party Advisory
- bugzilla.redhat.com/show_bug.cginvdIssue TrackingThird Party Advisory
- lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2V5HJ355RSKMFQ7GRJAHRZNDVXASF7TA/nvd
- lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/B2HEZ7D7GF3HDF36JLGYXIK5URR66DS4/nvd
- lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CXQP7UDPRZIZ4LM7FEJCTC2EDUYVOR2J/nvd
News mentions
0No linked articles in our index yet.