← back
CVE-2019-17503

CVE-2019-17503

EPSS 49.2%◆ VulnCheck KEV
Vexday Risk Score
72High priority
SSVC decision (CISA)
Act
Exploitation + impact → act immediately
Exploit maturity
Functional exploit
Automatable exploit available (Nuclei/Metasploit).
CVSS EPSS 49.2%KEV nãoPoC públicaNuclei simMetasploit Patch
Lifecycle
11 Oct 2019Published on NVD
14 Oct 2019Public PoC
Weaponization speed
2 daysto first PoC
Weaponized quickly — attackers prioritized this vulnerability. Patch urgently.
Recommendation: Patch as soon as possible — active exploitation confirmed.
An issue was discovered in Kirona Dynamic Resource Scheduling (DRS) 5.5.3.5. An unauthenticated user can access /osm/REGISTER.cmd (aka /osm_tiles/REGISTER.cmd) directly: it contains sensitive information about the database through the SQL queries within this batch file. This file exposes SQL database information such as database version, table name, column name, etc.
Affected products
n/a · n/a
⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.