Get a demo
100% Signal 0% Noise Invicti Logo - The Largest Dynamic Application Security Solutions Provider In The World Get a demo
Undertow Missing Authorization Vulnerability - CVE-2019-10184 - Vulnerability Database
Undertow

Undertow Missing Authorization Vulnerability - CVE-2019-10184

High
Reference: CVE-2019-10184
NVD Link: https://nvd.nist.gov/vuln/detail/CVE-2019-10184
Title: Undertow Missing Authorization Vulnerability
Overview:

undertow before version 2.0.23.Final is vulnerable to an information leak issue. Web apps may have their directory structures predicted through requests without trailing slashes via the api.