Directory Traversal Vulnerability in Apache Camel Products
CVE-2019-0194

7.5HIGH

Key Information:

Vendor: Apache
Status: Apache Camel
Vendor: CVE Published:; 30 April 2019

🔔 Create Apache Vulnerability Alert

What is CVE-2019-0194?

The File component of Apache Camel is vulnerable to directory traversal, allowing unauthorized access to files outside of the intended directory structure. This issue affects multiple versions of Apache Camel, and if exploited, could lead to significant security breaches by granting attackers access to sensitive files.

Affected Version(s)

Apache Camel Camel 2.21.0 to 2.21.3

Apache Camel Camel 2.22.0 to 2.22.2 and Camel 2.23.0 The unsupported Camel 2.x (2.19 and earlier) versions may be also affected.

References

https://lists.apache.org/thread.html/45e23ade8d3cb754615f...

mailing-listx_refsource_MLIST

https://lists.apache.org/thread.html/0a163d02169d3d361150...

mailing-listx_refsource_MLIST

https://lists.apache.org/thread.html/b4014ea7c5830ca1fc28...

mailing-listx_refsource_MLIST

CVSS V3.1

Score:

7.5

Severity:

HIGH

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Apr 30, 2019
Vulnerability Reserved
Nov 14, 2018

.