Vulnerabilities > CVE-2019-19611 - Unspecified vulnerability in Halvotec Raquest 10.23.10801.0

CVSS 7.5 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

HIGH

Integrity impact

NONE

Availability impact

NONE

network

low complexity

halvotec

NVD

Published: 2020-03-13

Updated: 2021-12-21

Summary

An issue was discovered in Halvotec RaQuest 10.23.10801.0. One of the exposed web services allows an anonymous user to access the list of connected users as well as the session cookie for each user. Fixed in Release 10.24.11206.1

Vulnerable Configurations

Part	Description	Count
Application	Halvotec Halvotec Raquest 10.23.10801.0	1

References

https://excellium-services.com/cert-xlm-advisory/cve-2019-19611/