CVE-2019-5891

Medium

5/10

Summary

An issue was discovered in OverIT Geocall 6.3 before build 2:346977. An unauthenticated servlet allows an attacker to obtain a cookie of an authenticated user, and login to the web application.

Access Complexity: LOW
AccessVector: NETWORK
Authentication: NONE
Integrity Impact: NONE
Confidentiality Impact: PARTIAL
Availability Impact: NONE

References

Advisory Timeline

Published Apr 01, 2019

CVE-2019-5891

Summary

References

Advisory Timeline

ChainJacking

JetBrains IDE

KICS SaaS