Vulnerabilities > CVE-2019-14860 - Unspecified vulnerability in Redhat Fuse and Syndesis

CVSS 6.5 - MEDIUM

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

HIGH

Integrity impact

NONE

Availability impact

NONE

network

low complexity

redhat

NVD

Published: 2019-11-08

Updated: 2024-11-21

Summary

It was found that the Syndesis configuration for Cross-Origin Resource Sharing was set to allow all origins. An attacker could use this lack of protection to conduct phishing attacks and further access unauthorized information.

Vulnerable Configurations

Part	Description	Count
Application	Redhat Redhat Syndesis - Redhat Fuse 1.0 Redhat Fuse 1.0.0 Redhat Fuse 6.0.0 Redhat Fuse 6.1.0 Redhat Fuse 6.2.0 Redhat Fuse 6.2.1 Redhat Fuse 6.3.0 Redhat Fuse 7.0.0 Redhat Fuse 7.0.1 Redhat Fuse 7.1.0 Redhat Fuse 7.2.0 Redhat Fuse 7.3.0 Redhat Fuse 7.3.1 Redhat Fuse 7.4.0 Redhat Fuse 7.4.1	16

Redhat

advisories

rhsa

id	RHSA-2019:3892

References

https://access.redhat.com/errata/RHSA-2019:3892
https://access.redhat.com/errata/RHSA-2019:3892
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14860
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14860