Univention Corporate Server univention-directory-notifier 12.0.1-3 and earlier Vulnerability: Intentional Information Exposure

Univention Corporate Server univention-directory-notifier 12.0.1-3 and earlier Vulnerability: Intentional Information Exposure

CVE-2019-1010283 · HIGH Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Univention Corporate Server univention-directory-notifier 12.0.1-3 and earlier is affected by: CWE-213: Intentional Information Exposure. The impact is: Loss of Confidentiality. The component is: function data_on_connection() in src/callback.c. The attack vector is: network connectivity. The fixed version is: 12.0.1-4 and later.

Learn more about our Cis Benchmark Audit For Server Software.