{"id":"CVE-2019-1010308","details":"Aquaverde GmbH Aquarius CMS prior to version 4.1.1 is affected by: Incorrect Access Control. The impact is: The access to the log file is not restricted. It contains sensitive information like passwords etc. The component is: log file. The attack vector is: open the file.","modified":"2026-07-08T18:17:18.887762Z","published":"2019-07-15T18:15:12.070Z","references":[{"type":"ADVISORY","url":"https://github.com/aquaverde/aquarius-core"},{"type":"FIX","url":"https://github.com/aquaverde/aquarius-core/commit/e1af89aa9df07ea265d879518ede9eb98aa494e0"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/aquaverde/aquarius-core","events":[{"introduced":"0"},{"fixed":"443c0bf745275e7220d0368bf5ec14d67f2c0753"},{"fixed":"e1af89aa9df07ea265d879518ede9eb98aa494e0"}],"database_specific":{"extracted_events":[{"introduced":"0"},{"fixed":"4.1.1"}],"source":["CPE_RANGE","REFERENCES"],"cpe":"cpe:2.3:a:aquaverde:aquarius_cms:*:*:*:*:*:*:*:*"}}],"versions":["v4.1.0","v3.9.0","v3.8.0","v3.7.1","v3.6.9","v3.7.0","v3.6.7","v3.6.5"],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2019-1010308.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}]}