CVE-2019-19750
CRITICAL EXPLOITEDminerstat msOS <2019-10-23 - Info Disclosure
Title source: llmExploitation Summary
CVE-2019-19750 has been observed exploited in the wild (reported by VulnCheck KEV).
Description
minerstat msOS before 2019-10-23 does not have a unique SSH key for each instance of the product.
References (2)
Core 2
Core References
Patch, Third Party Advisory
https://github.com/minerstat/minerstat-os/commit/487ebd652dc9dc81120809effb2ddb3f66fc5f14
Scores
CVSS v3
9.8
EPSS
0.0113
EPSS Percentile
62.2%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CISA SSVC
Vulnrichment
Exploitation
none
Automatable
yes
Technical Impact
partial
Details
VulnCheck KEV
2020-04-10
CWE
CWE-321
Status
published
Products (1)
minerstat/msos
< 2019-10-23
Published
Dec 12, 2019
Tracked Since
Feb 18, 2026