CVE-2019-3475

HIGH

Microfocus Filr - Improper Privilege Management

Title source: rule

Description

A local privilege escalation vulnerability in the famtd component of Micro Focus Filr 3.0 allows a local attacker authenticated as a low privilege user to escalate to root. This vulnerability affects all versions of Filr 3.x prior to Security Update 6.

Exploits (1)

exploitdb WORKING POC VERIFIED

by SecureAuth · textwebappslinux

https://www.exploit-db.com/exploits/46450

View Code ZIP pw:eip

References (3)

Core 3

Core References

Exploit, Third Party Advisory exploit x_refsource_exploit-db

https://www.exploit-db.com/exploits/46450/

Various Sources x_refsource_misc

https://support.microfocus.com/kb/doc.php?id=7023727

Various Sources x_refsource_misc

https://download.novell.com/Download?buildid=nZUCSDkvpxk~

Scores

CVSS v3 7.8

EPSS 0.0141

EPSS Percentile 80.6%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Details

CWE

CWE-269 CWE-264

Status published

Products (1)

microfocus/filr 3.0 (6 CPE variants)

Published Feb 20, 2019

Tracked Since Feb 18, 2026