How severe is CVE-2019-12491?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 6.6 out of 10.

What type of vulnerability is CVE-2019-12491?

This is classified as NVD-CWE-Other, which is a common weakness in software security.

CVE-2019-12491

MEDIUM Year: 2019

CVSS v3 Score

6.6

Medium

CVSS v2 Score

8.5

High

Weakness Type

NVD-CWE-Other

View all →

Vulnerability Description

OnApp before 5.0.0-88, 5.5.0-93, and 6.0.0-196 allows an attacker to run arbitrary commands with root privileges on servers managed by OnApp for XEN/KVM hypervisors. To exploit the vulnerability an attacker has to have control of a single server on a given cloud (e.g. by renting one). From the source server, the attacker can craft any command and trigger the OnApp platform to execute that command with root privileges on a target server.

CVE-2016-3129

MEDIUM

CVSS:6.6(Medium)

A remote shell execution vulnerability in the BlackBerry Good Enterprise Mobility Server (GEMS) implementation of the Apache Karaf command shell in GEMS versions 2.1.5.3 to 2.2.22.25 allows remote att...

NVD-CWE-Other2016

CVE-2016-4525

MEDIUM

CVSS:6.6(Medium)

Unspecified ActiveX controls in Advantech WebAccess before 8.1_20160519 allow remote authenticated users to obtain sensitive information or modify data via unknown vectors, related to the INTERFACESAF...

NVD-CWE-Other2016

CVE-2017-3551

MEDIUM

CVSS:6.6(Medium)

Vulnerability in the Solaris component of Oracle Sun Systems Products Suite (subcomponent: Smartcard Libraries). The supported version that is affected is 11.3. Easily "exploitable" vulnerability allo...

NVD-CWE-Other2017

CVE-2017-3600

MEDIUM

CVSS:6.6(Medium)

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Client mysqldump). Supported versions that are affected are 5.5.54 and earlier, 5.6.35 and earlier and 5.7.17 and earlier. Di...

NVD-CWE-Other2017

CVE-2017-7273

MEDIUM

CVSS:6.6(Medium)

The cp_report_fixup function in drivers/hid/hid-cypress.c in the Linux kernel 3.2 and 4.x before 4.9.4 allows physically proximate attackers to cause a denial of service (integer underflow) or possibl...

NVD-CWE-Other2017

CVE-2018-2717

MEDIUM

CVSS:6.6(Medium)

Vulnerability in the Solaris component of Oracle Sun Systems Products Suite (subcomponent: SPARC Platform). Supported versions that are affected are 10 and 11.3. Easily exploitable vulnerability allow...

NVD-CWE-Other2018

CVE-2019-12491

Vulnerability Description

Related Vulnerabilities

CVE-2016-3129

CVE-2016-4525

CVE-2017-3551

CVE-2017-3600

CVE-2017-7273

CVE-2018-2717