How severe is CVE-2019-1841?

This vulnerability has a severity rating of HIGH with a CVSS score of 8.1 out of 10.

What type of vulnerability is CVE-2019-1841?

This is classified as CWE-441, which is a common weakness in software security.

CVE-2019-1841

HIGH Year: 2019

CVSS v3 Score

8.1

High

CVSS v2 Score

5.5

Medium

Weakness Type

CWE-441

View all →

Vulnerability Description

A vulnerability in the Software Image Management feature of Cisco DNA Center could allow an authenticated, remote attacker to access to internal services without additional authentication. The vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this vulnerability by sending arbitrary HTTP requests to internal services. An exploit could allow the attacker to bypass any firewall or other protections to access unauthorized internal services. DNAC versions prior to 1.2.5 are affected.

CVE-2025-47269

HIGH

CVSS:8.3(High)

code-server runs VS Code on any machine anywhere through browser access. Prior to version 4.99.4, a maliciously crafted URL using the proxy subpath can result in the attacker gaining access to the ses...

CWE-4412025

CVE-2023-40111

HIGH

CVSS:7.8(High)

In setMediaButtonReceiver of MediaSessionRecord.java, there is a possible way to send a pending intent on behalf of system_server due to a confused deputy. This could lead to local escalation of privi...

CWE-4412023

CVE-2021-32783

HIGH

CVSS:8.5(High)

Contour is a Kubernetes ingress controller using Envoy proxy. In Contour before version 1.17.1 a specially crafted ExternalName type Service may be used to access Envoy's admin interface, which Contou...

CWE-4412021

CVE-2024-30128

HIGH

CVSS:8.6(High)

HCL Nomad server on Domino is affected by an open proxy vulnerability in which an unauthenticated attacker can mask their original source IP address. This may enable an attacker to trick the user into...

CWE-4412024

CVE-2019-3924

HIGH

CVSS:7.5(High)

MikroTik RouterOS before 6.43.12 (stable) and 6.42.12 (long-term) is vulnerable to an intermediary vulnerability. The software will execute user defined network requests to both WAN and LAN clients. A...

CWE-4412019

CVE-2021-32773

HIGH

CVSS:7.5(High)

Racket is a general-purpose programming language and an ecosystem for language-oriented programming. In versions prior to 8.2, code evaluated using the Racket sandbox could cause system modules to inc...

CWE-4412021

CVE-2019-1841

Vulnerability Description

Related Vulnerabilities

CVE-2025-47269

CVE-2023-40111

CVE-2021-32783

CVE-2024-30128

CVE-2019-3924

CVE-2021-32773