Skip to main content

Openitcockpit CVE-2019-15493

HIGH
2019-08-23 cve@mitre.org
7.5
CVSS 3.0 · NVD
Share

Severity by source

NVD PRIMARY
7.5 HIGH
AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
None
Integrity
High
Availability
None

Lifecycle Timeline

1
CVE Published
Aug 23, 2019 - 13:15 nvd
HIGH 7.5

DescriptionNVD

openITCOCKPIT before 3.7.1 allows deletion of files, aka RVID 4-445b21.

AnalysisAI

openITCOCKPIT before 3.7.1 allows deletion of files, aka RVID 4-445b21. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Technical ContextAI

openITCOCKPIT before 3.7.1 allows deletion of files, aka RVID 4-445b21. Affected products include: It-Novum Openitcockpit. Version information: before 3.7.1.

RemediationAI

No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Apply vendor patches when available. Implement network segmentation and monitoring as interim mitigations.

CVE-2026-24892 HIGH POC
7.5 Feb 20

Unsafe PHP deserialization in openITCOCKPIT Community Edition 5.3.1 and earlier allows authenticated attackers to inject

CVE-2026-24891 HIGH POC
7.5 Feb 20

Remote code execution in openITCOCKPIT 5.3.1 and earlier via unsafe deserialization in the Gearman worker component, whi

CVE-2020-10789 CRITICAL
9.8 Mar 25

openITCOCKPIT before 3.7.3 has a web-based terminal that allows attackers to execute arbitrary OS commands via shell met

CVE-2019-15494 CRITICAL
9.8 Aug 23

openITCOCKPIT before 3.7.1 allows SSRF, aka RVID 5-445b21. Rated critical severity (CVSS 9.8), this vulnerability is rem

CVE-2019-15490 CRITICAL
9.8 Aug 23

openITCOCKPIT before 3.7.1 allows code injection, aka RVID 1-445b21. Rated critical severity (CVSS 9.8), this vulnerabil

CVE-2020-10788 CRITICAL
9.1 Mar 25

openITCOCKPIT before 3.7.3 uses the 1fea123e07f730f76e661bced33a94152378611e API key rather than generating a random API

CVE-2026-24893 HIGH
8.8 Apr 14

Remote code execution in openITCOCKPIT Community Edition (versions prior to 5.5.2) allows authenticated users with host

CVE-2023-36663 HIGH
8.8 Jun 25

it-novum openITCOCKPIT (aka open IT COCKPIT) 4.6.4 before 4.6.5 allows SQL Injection (by authenticated users) via the so

CVE-2019-15491 HIGH
8.8 Aug 23

openITCOCKPIT before 3.7.1 has CSRF, aka RVID 2-445b21. Rated high severity (CVSS 8.8), this vulnerability is remotely e

CVE-2023-3520 MEDIUM POC
4.6 Jul 06

Sensitive Cookie in HTTPS Session Without 'Secure' Attribute in GitHub repository it-novum/openitcockpit prior to 4.6.6.

CVE-2023-3218 MEDIUM POC
4.4 Jun 13

Race Condition within a Thread in GitHub repository it-novum/openitcockpit prior to 4.6.5. Rated medium severity (CVSS 4

CVE-2020-10792 HIGH
7.5 Mar 20

openITCOCKPIT through 3.7.2 allows remote attackers to configure the self::DEVELOPMENT or self::STAGING option by placin

Share

CVE-2019-15493 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy