What is CVE-2019-14841?

CVE-2019-14841 is a high-severity vulnerability in Redhat Decision_manager, classified under Improper Preservation of Permissions. CVSS score: 8.8/10. Published 2022-10-17.

How severe is CVE-2019-14841?

High severity. CVSS v3 base score is 8.8 out of 10.

Vulnerability in Redhat Decision_manager

CVE-2019-14841

A flaw was found in the RHDM, where an authenticated attacker can change their assigned role in the response header. This flaw allows an attacker to gain admin privileges in the Business Central Console.

EPSS: 0.006 (44.8th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 8.8 (High). Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H.

Affected products

Redhat Decision_manager — versions 7.0
Redhat Process_automation — versions 7.0
N/a Business-central — versions Business-central as shipped in RHDM 7 and RHPAM 7

Weakness classification (CWE)

CWE-281 — Improper Preservation of Permissions

References

secalert@redhat.com (Issue Tracking, Vendor Advisory)
secalert@redhat.com (Vendor Advisory)

Frequently asked questions

What is CVE-2019-14841?: CVE-2019-14841 is a high-severity vulnerability in Redhat Decision_manager, classified under Improper Preservation of Permissions. CVSS score: 8.8/10. Published 2022-10-17.
How severe is CVE-2019-14841?: High severity. CVSS v3 base score is 8.8 out of 10.