VYPR

Dynamic Resource Scheduling (DRS)

by Kirona

CVEs (2)

  • CVE-2019-17504MedOct 11, 2019
    risk 0.43cvss 6.1epss 0.03

    An issue was discovered in Kirona Dynamic Resource Scheduling (DRS) 5.5.3.5. A reflected Cross-site scripting (XSS) vulnerability allows remote attackers to inject arbitrary web script via the /osm/report/ password parameter.

  • CVE-2019-17503MedOct 11, 2019
    risk 0.41cvss 5.3epss 0.49

    An issue was discovered in Kirona Dynamic Resource Scheduling (DRS) 5.5.3.5. An unauthenticated user can access /osm/REGISTER.cmd (aka /osm_tiles/REGISTER.cmd) directly: it contains sensitive information about the database through the SQL queries within this batch file. This…