Streaming Engine Security Vulnerabilities and Issues — Streaming Engine CVE List

Lucene search

WowzaStreaming Engine

5 matches found

CVE•added 2020/05/18 5:15 p.m.•88 views

CVE-2019-19454

An arbitrary file download was found in the "Download Log" functionality of Wowza Streaming Engine

7.5CVSS7.5AI score0.00734EPSS

CVE•added 2021/04/23 5:15 p.m.•48 views

CVE-2021-31540

Wowza Streaming Engine through 4.8.5 (in a default installation) has incorrect file permissions of configuration files in the conf/ directory. A regular local user is able to read and write to all the configuration files, e.g., modify the application server configuration.

7.1CVSS6.7AI score0.00035EPSS

CVE•added 2020/08/03 2:15 p.m.•45 views

CVE-2019-19455

Wowza Streaming Engine before 4.8.5 has Insecure Permissions which may allow a local attacker to escalate privileges in / usr / local / WowzaStreamingEngine / manager / bin / in the Linux version of the server by writing arbitrary commands in any file and execute them as root. This issue was resolv...

7.8CVSS7.7AI score0.00027EPSS

CVE•added 2020/01/29 4:15 p.m.•44 views

CVE-2019-7656

A privilege escalation vulnerability in Wowza Streaming Engine 4.8.0 and earlier allows any unprivileged Linux user to escalate privileges to root. The installer sets too relaxed permissions on /usr/local/WowzaStreamingEngine/bin/* core program files. By injecting a payload into one of those files,...

7.8CVSS7.8AI score0.00085EPSS

CVE•added 2018/03/01 9:29 p.m.•35 views

CVE-2018-7048

An issue was discovered in Wowza Streaming Engine before 4.7.1. There is a denial of service (memory consumption) via a crafted HTTP request.

7.5CVSS7.3AI score0.01564EPSS