CVE-2019-11641

EUVD-2019-3311
Anomali Agave (formerly Drupot) through 1.0.0 fails to avoid fingerprinting by including predictable data and minimal variation in size within HTML templates, giving attackers the ability to detect and avoid this system.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
7.5 HIGH
NETWORK
LOW
NONE
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Base Score
CVSS 3.x
EPSS Score
Percentile: 49%
Affected Products (NVD)
VendorProductVersion
anomaliagave
𝑥
≤ 1.0.0
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://github.com/threatstream/agave/issues/1
https://github.com/threatstream/agave/issues/1