How severe is CVE-2019-11747?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 6.5 out of 10.

What type of vulnerability is CVE-2019-11747?

This is classified as CWE-665, which is a common weakness in software security.

CVE-2019-11747

MEDIUM Year: 2019

CVSS v3 Score

6.5

Medium

CVSS v2 Score

4.3

Medium

Weakness Type

CWE-665

View all →

Vulnerability Description

The "Forget about this site" feature in the History pane is intended to remove all saved user data that indicates a user has visited a site. This includes removing any HTTP Strict Transport Security (HSTS) settings received from sites that use it. Due to a bug, sites on the pre-load list also have their HSTS setting removed. On the next visit to that site if the user specifies an http: URL rather than secure https: they will not be protected by the pre-loaded HSTS setting. After that visit the site's HSTS setting will be restored. This vulnerability affects Firefox < 69 and Firefox ESR < 68.1.

CVE-2013-1675

MEDIUM

CVSS:6.5(Medium)

Mozilla Firefox before 21.0, Firefox ESR 17.x before 17.0.6, Thunderbird before 17.0.6, and Thunderbird ESR 17.x before 17.0.6 do not properly initialize data structures for the nsDOMSVGZoomEvent::mPr...

CWE-6652013

CVE-2017-10972

MEDIUM

CVSS:6.5(Medium)

Uninitialized data in endianness conversion in the XEvent handling of the X.Org X Server before 2017-06-19 allowed authenticated malicious users to access potentially privileged data from the X server...

CWE-6652017

CVE-2017-3820

MEDIUM

CVSS:6.5(Medium)

A vulnerability in Simple Network Management Protocol (SNMP) functions of Cisco ASR 1000 Series Aggregation Services Routers running Cisco IOS XE Software Release 3.13.6S, 3.16.2S, or 3.17.1S could al...

CWE-6652017

CVE-2018-1174

MEDIUM

CVSS:6.5(Medium)

This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Foxit Reader 9.0.0.29935. User interaction is required to exploit this vulnerability in that...

CWE-6652018

CVE-2018-1175

MEDIUM

CVSS:6.5(Medium)

CWE-6652018

CVE-2019-1299

MEDIUM

CVSS:6.5(Medium)

An information disclosure vulnerability exists when Microsoft Edge based on Edge HTML improperly handles objects in memory, aka 'Microsoft Edge based on Edge HTML Information Disclosure Vulnerability'...

CWE-6652019

CVE-2019-11747

Vulnerability Description

Related Vulnerabilities

CVE-2013-1675

CVE-2017-10972

CVE-2017-3820

CVE-2018-1174

CVE-2018-1175

CVE-2019-1299