CVE-2019-3833

Summary

Openwsman, versions up to and including 2.6.9, are vulnerable to infinite loop in process_connection() when parsing specially crafted HTTP requests. A remote, unauthenticated attacker can exploit this vulnerability by sending malicious HTTP request to cause denial of service to openwsman server.

Affected Software

VendorProductVersion RangeStatus
[UNKNOWN]openwsmanversions up to and including 2.6.9affected

Weaknesses

  • CWE-835: CWE-835

ADP Enrichment

CVE Program Container

Additional References

References