Unknown
CVE-2019-11628
CVE ID
AttackerKB requires a CVE ID in order to pull vulnerability data and references from the CVE list and the National Vulnerability Database. If available, please supply below:
Add References:
Unknown
(0 users assessed)Unknown
(0 users assessed)Unknown
Unknown
Unknown
MITRE ATT&CK
Collection
Command and Control
Credential Access
Defense Evasion
Discovery
Execution
Exfiltration
Impact
Initial Access
Lateral Movement
Persistence
Privilege Escalation
Topic Tags
Description
An issue was discovered in QlikView Server before 11.20 SR19, 12.00 and 12.10 before 12.10 SR11, 12.20 before SR9, and 12.30 before SR2; and Qlik Sense Enterprise and Qlik Analytics Platform installations that lack these patch levels: February 2018 Patch 4, April 2018 Patch 3, June 2018 Patch 3, September 2018 Patch 4, November 2018 Patch 4, or February 2019 Patch 2. An authenticated user may be able to bypass intended file-read restrictions via crafted Browser requests.
Add Assessment
No one has assessed this topic. Be the first to add your voice to the community.
CVSS V3 Severity and Metrics
General Information
Vendors
Products
- qlik analytics april 2018,
- qlik analytics february 2018,
- qlik analytics february 2019,
- qlik analytics june 2017,
- qlik analytics june 2018,
- qlik analytics november 2017,
- qlik analytics november 2018,
- qlik analytics september 2017,
- qlik analytics september 2018,
- qlik sense april 2018,
- qlik sense february 2018,
- qlik sense february 2019,
- qlik sense june 2017,
- qlik sense june 2018,
- qlik sense november 2017,
- qlik sense november 2018,
- qlik sense september 2017,
- qlik sense september 2018,
- qlikview server 11.20,
- qlikview server 12.00,
- qlikview server 12.10,
- qlikview server 12.20,
- qlikview server 12.30
References
Miscellaneous
Additional Info
Technical Analysis
Report as Emergent Threat Response
Report as Zero-day Exploit
Report as Exploited in the Wild
CVE ID
AttackerKB requires a CVE ID in order to pull vulnerability data and references from the CVE list and the National Vulnerability Database. If available, please supply below: