|
|||
Rule General Information |
---|
Release Date: | 2020-01-14 | |
Rule Name: | ELOG Project ELOG show_uploader_json NULL Pointer Dereference Vulnerability -2 (CVE-2019-3995) | |
Severity: | ||
CVE ID: | ||
Rule Protection Details |
---|
Description: | ELOG 3.1.4-57bea22 and below is affected by a denial of service vulnerability due to a NULL pointer dereference. A remote unauthenticated attacker can crash the ELOG server by sending a crafted HTTP GET request. | |
Impact: | An attacker could exploit this vulnerability to have unspecified effect. | |
Affected OS: | Windows, Others | |
Reference: | https://www.tenable.com/security/research/tra-2019-53 |
|
Solutions |
---|
The vendors have released upgrade patches to fix vulnerabilities, please visit: https://elog.psi.ch/ |