CVE-2019-3996

Summary

ELOG 3.1.4-57bea22 and below can be used as an HTTP GET request proxy when unauthenticated remote attackers send crafted HTTP POST requests.

Affected Software

VendorProductVersion RangeStatus
n/aELOGELOG 3.1.4-57bea22 and belowaffected

Weaknesses

  • CWE-441: CWE-441 Unintended Proxy

ADP Enrichment

CVE Program Container

Additional References

References