Total: 2086 CVEs
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 | Description |
|---|---|---|---|---|---|---|
| CVE-2020-13309 | 1 Gitlab | 1 Gitlab | 2024-11-21 | 6.5 MEDIUM | 5.4 MEDIUM | A vulnerability was discovered in GitLab versions before 13.1.10, 13.2.8 and 13.3.4. GitLab was vulnerable to a blind SSRF attack through the repository mirroring feature. |
| CVE-2020-13295 | 1 Gitlab | 1 Runner | 2024-11-21 | 6.5 MEDIUM | 5.4 MEDIUM | For GitLab Runner before 13.0.12, 13.1.6, 13.2.3, by replacing dockerd with a malicious server, the Shared Runner is susceptible to SSRF. |
| CVE-2020-13286 | 1 Gitlab | 1 Gitlab | 2024-11-21 | 4.0 MEDIUM | 6.4 MEDIUM | For GitLab before 13.0.12, 13.1.6, 13.2.3, user-controlled git configuration settings can be modified to result in Server Side Request Forgery. |
| CVE-2020-13226 | 1 Wso2 | 1 Api Manager | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL | WSO2 API Manager 3.0.0 does not properly restrict outbound network access from a Publisher node, opening up the possibility of SSRF to this node's entire intranet. |
| CVE-2020-12725 | 1 Redash | 1 Redash | 2024-11-21 | 6.5 MEDIUM | 7.2 HIGH | Havoc Research discovered an authenticated Server-Side Request Forgery (SSRF) via the "JSON" data source of Redash open-source 8.0.0 and prior. Possibly, other connectors are affected. The SSRF is potent and provides a lot of flexibility in terms of being able to craft HTTP requests, e.g. by adding headers, selecting any HTTP verb, etc. |
| CVE-2020-12644 | 1 Open-xchange | 1 Open-xchange Appsuite | 2024-11-21 | 4.0 MEDIUM | 5.0 MEDIUM | OX App Suite 7.10.3 and earlier allows SSRF, related to the mail account API and the /folder/list API. |
| CVE-2020-12529 | 1 Mbconnectline | 2 Mbconnect24, Mymbconnect24 | 2024-11-21 | 5.0 MEDIUM | 5.8 MEDIUM | An issue was discovered in MB connect line mymbCONNECT24 and mbCONNECT24 software in all versions through V2.6.2. There is an SSRF in the LDAP access check, allowing an attacker to scan for open ports. |
| CVE-2020-11988 | 2 Apache, Fedoraproject | 2 Xmlgraphics Commons, Fedora | 2024-11-21 | 6.4 MEDIUM | 8.2 HIGH | Apache XmlGraphics Commons 2.4 and earlier is vulnerable to server-side request forgery, caused by improper input validation by the XMPParser. By using a specially-crafted argument, an attacker could exploit this vulnerability to cause the underlying server to make arbitrary GET requests. Users should upgrade to 2.6 or later. |
| CVE-2020-11980 | 1 Apache | 1 Karaf | 2024-11-21 | 6.5 MEDIUM | 6.3 MEDIUM | In Karaf, JMX authentication takes place using JAAS and authorization takes place using ACL files. By default, only an "admin" can actually invoke on an MBean. However there is a vulnerability there for someone who is not an admin, but has a "viewer" role. In the 'etc/jmx.acl.cfg', such a role can call get*. It's possible to authenticate with the viewer role and invoke the MLet getMBeansFromURL method, which goes off to a remote server to fetch the desired MBean, which is then registered in Karaf ... |
| CVE-2020-11885 | 1 Wso2 | 1 Enterprise Integrator | 2024-11-21 | 6.5 MEDIUM | 7.2 HIGH | WSO2 Enterprise Integrator through 6.6.0 has an XXE vulnerability where a user (with admin console access) can use the XML validator to make unintended network invocations such as SSRF via an uploaded file. |
| CVE-2020-11453 | 1 Microstrategy | 1 Microstrategy Web | 2024-11-21 | 5.0 MEDIUM | 5.3 MEDIUM | Microstrategy Web 10.4 is vulnerable to Server-Side Request Forgery in the Test Web Service functionality exposed through the path /MicroStrategyWS/. The functionality requires no authentication and, while it is not possible to pass parameters in the SSRF request, it is still possible to exploit it to conduct port scanning. An attacker could exploit this vulnerability to enumerate the resources allocated in the network (IP addresses and services exposed). NOTE: MicroStrategy is unable to reprodu ... |
| CVE-2020-11452 | 1 Microstrategy | 1 Microstrategy Web | 2024-11-21 | 4.0 MEDIUM | 4.3 MEDIUM | Microstrategy Web 10.4 includes functionality to allow users to import files or data from external resources such as URLs or databases. By providing an external URL under attacker control, it's possible to send requests to external resources (aka SSRF) or leak files from the local system using the file:// stream wrapper. |
| CVE-2020-10980 | 1 Gitlab | 1 Gitlab | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL | GitLab EE/CE 8.0.rc1 to 12.9 is vulnerable to a blind SSRF in the FogBugz integration. |
| CVE-2020-10956 | 1 Gitlab | 1 Gitlab | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL | GitLab 8.10 and later through 12.9 is vulnerable to an SSRF in a project import note feature. |
| CVE-2020-10791 | 1 It-novum | 1 Openitcockpit | 2024-11-21 | 4.0 MEDIUM | 6.5 MEDIUM | app/Plugin/GrafanaModule/Controller/GrafanaConfigurationController.php in openITCOCKPIT before 3.7.3 allows remote authenticated users to trigger outbound TCP requests (aka SSRF) via the Test Connection feature (aka testGrafanaConnection) of the Grafana Module. |
| CVE-2020-10770 | 1 Redhat | 1 Keycloak | 2024-11-21 | 5.0 MEDIUM | 5.3 MEDIUM | A flaw was found in Keycloak before 13.0.0, where it is possible to force the server to call out to an unverified URL using the OIDC parameter request_uri. This flaw allows an attacker to use this parameter to execute a Server-side request forgery (SSRF) attack. |
| CVE-2020-10252 | 1 Owncloud | 1 Owncloud | 2024-11-21 | 6.5 MEDIUM | 8.3 HIGH | An issue was discovered in ownCloud before 10.4. Because of an SSRF issue (via the apps/files_sharing/external remote parameter), an authenticated attacker can interact with local services blindly (aka Blind SSRF) or conduct a Denial Of Service attack. |
| CVE-2020-10212 | 1 Tecrail | 1 Responsive Filemanager | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL | upload.php in Responsive FileManager 9.13.4 and 9.14.0 allows SSRF via the url parameter because file-extension blocking is mishandled and because it is possible for a DNS hostname to resolve to an internal IP address. For example, an SSRF attempt may succeed if a .ico filename is added to the PATH_INFO. Also, an attacker could create a DNS hostname that resolves to the 0.0.0.0 IP address for DNS pinning. NOTE: this issue exists because of an incomplete fix for CVE-2018-14728. |
| CVE-2020-10077 | 1 Gitlab | 1 Gitlab | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL | GitLab EE 3.0 through 12.8.1 allows SSRF. An internal investigation revealed that a particular deprecated service was creating a server side request forgery risk. |
| CVE-2019-9827 | 1 Hawt | 1 Hawtio | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL | Hawt Hawtio through 2.5.0 is vulnerable to SSRF, allowing a remote attacker to trigger an HTTP request from an affected server to an arbitrary host via the initial /proxy/ substring of a URI. |
| CVE-2019-9187 | 1 Ikiwiki | 1 Ikiwiki | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH | ikiwiki before 3.20170111.1 and 3.2018x and 3.2019x before 3.20190228 allows SSRF via the aggregate plugin. The impact also includes reading local files via file: URIs. |
| CVE-2019-9174 | 1 Gitlab | 1 Gitlab | 2024-11-21 | 7.5 HIGH | 10.0 CRITICAL | An issue was discovered in GitLab Community and Enterprise Edition before 11.6.10, 11.7.x before 11.7.6, and 11.8.x before 11.8.1. It allows SSRF. |
| CVE-2019-8982 | 1 Wavemaker | 1 Wavemarker Studio | 2024-11-21 | 6.8 MEDIUM | 9.6 CRITICAL | com/wavemaker/studio/StudioService.java in WaveMaker Studio 6.6 mishandles the studioService.download?method=getContent&inUrl= value, leading to disclosure of local files and SSRF. |
| CVE-2019-8451 | 1 Atlassian | 1 Jira Server | 2024-11-21 | 6.4 MEDIUM | 6.5 MEDIUM | The /plugins/servlet/gadgets/makeRequest resource in Jira before version 8.4.0 allows remote attackers to access the content of internal network resources via a Server Side Request Forgery (SSRF) vulnerability due to a logic bug in the JiraWhitelist class. |
| CVE-2019-8156 | 1 Magento | 1 Magento | 2024-11-21 | 6.5 MEDIUM | 7.2 HIGH | A server-side request forgery (SSRF) vulnerability exists in Magento 2.2 prior to 2.2.10, Magento 2.3 prior to 2.3.3 or 2.3.2-p1. An authenticated user with admin privileges to modify store configurations can manipulate the connector api endpoint to enable remote code execution. |
| CVE-2019-8151 | 1 Magento | 1 Magento | 2024-11-21 | 6.5 MEDIUM | 7.2 HIGH | A remote code execution vulnerability exists in Magento 2.2 prior to 2.2.10, Magento 2.3 prior to 2.3.3 or 2.3.2-p1. An authenticated user with admin privileges to manipulate shipment settings can execute arbitrary code through server-side request forgery due to unsafe handling of a carrier gateway. |
| CVE-2019-7923 | 1 Magento | 1 Magento | 2024-11-21 | 6.5 MEDIUM | 7.2 HIGH | A server-side request forgery (SSRF) vulnerability exists in Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. This can be exploited by an authenticated user with admin privileges to manipulate shipment settings to execute arbitrary code. |
| CVE-2019-7913 | 1 Magento | 1 Magento | 2024-11-21 | 6.5 MEDIUM | 7.2 HIGH | A server-side request forgery (SSRF) vulnerability exists in Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. This can be exploited by an authenticated user with admin privileges to manipulate shipment methods to execute arbitrary code. |
| CVE-2019-7911 | 1 Magento | 1 Magento | 2024-11-21 | 6.5 MEDIUM | 7.2 HIGH | A server-side request forgery (SSRF) vulnerability exists in Magento Open Source prior to 1.9.4.2, and Magento Commerce prior to 1.14.4.2, Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. This can be exploited by an authenticated user with access to the admin panel to manipulate system configuration and execute arbitrary code. |
| CVE-2019-7892 | 1 Magento | 1 Magento | 2024-11-21 | 6.5 MEDIUM | 7.2 HIGH | A remote code execution vulnerability exists in Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. An authenticated user with administrator privileges to access shipment settings can execute arbitrary code via server-side request forgery. |
| CVE-2019-7652 | 1 Thehive-project | 1 Cortex-analyzers | 2024-11-21 | 4.0 MEDIUM | 7.7 HIGH | TheHive Project UnshortenLink analyzer before 1.1, included in Cortex-Analyzers before 1.15.2, has SSRF. To exploit the vulnerability, an attacker must create a new analysis, select URL for Data Type, and provide an SSRF payload like "http://127.0.0.1:22" in the Data parameter. The result can be seen in the main dashboard. Thus, it is possible to do port scans on localhost and intranet hosts. |
| CVE-2019-7616 | 1 Elastic | 1 Kibana | 2024-11-21 | 4.0 MEDIUM | 4.9 MEDIUM | Kibana versions before 6.8.2 and 7.2.1 contain a server side request forgery (SSRF) flaw in the graphite integration for Timelion visualizer. An attacker with administrative Kibana access could set the timelion:graphite.url configuration option to an arbitrary URL. This could possibly lead to an attacker accessing external URL resources as the Kibana process on the host system. |
| CVE-2019-6981 | 1 Synacor | 1 Zimbra Collaboration Suite | 2024-11-21 | 4.0 MEDIUM | 6.5 MEDIUM | Zimbra Collaboration Suite 8.7.x through 8.8.11 allows Blind SSRF in the Feed component. |
| CVE-2019-6837 | 1 Schneider-electric | 8 Meg6260-0410, Meg6260-0410 Firmware, Meg6260-0415 and 5 more | 2024-11-21 | 6.4 MEDIUM | 9.1 CRITICAL | A Server-Side Request Forgery (SSRF): CWE-918 vulnerability exists in U.motion Server (MEG6501-0001 - U.motion KNX server, MEG6501-0002 - U.motion KNX Server Plus, MEG6260-0410 - U.motion KNX Server Plus, Touch 10, MEG6260-0415 - U.motion KNX Server Plus, Touch 15), which could cause server configuration data to be exposed when an attacker modifies a URL. |
| CVE-2019-6793 | 1 Gitlab | 1 Gitlab | 2024-11-21 | 6.8 MEDIUM | 7.0 HIGH | An issue was discovered in GitLab Enterprise Edition before 11.5.8, 11.6.x before 11.6.6, and 11.7.x before 11.7.1. The Jira integration feature is vulnerable to an unauthenticated blind SSRF issue. |
| CVE-2019-6257 | 1 Std42 | 1 Elfinder | 2024-11-21 | 4.0 MEDIUM | 7.7 HIGH | A Server Side Request Forgery (SSRF) vulnerability in elFinder before 2.1.46 could allow a malicious user to access the content of internal network resources. This occurs in get_remote_contents() in php/elFinder.class.php. |
| CVE-2019-5725 | 1 Qibosoft | 1 Qibosoft | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH | qibosoft through V7 allows remote attackers to read arbitrary files via the member/index.php main parameter, as demonstrated by SSRF to a URL on the same web site to read a .sql file. |
| CVE-2019-5464 | 1 Gitlab | 1 Gitlab | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL | A flawed DNS rebinding protection issue was discovered in GitLab CE/EE 10.2 and later in the `url_blocker.rb` which could result in SSRF where the library is utilized. |
| CVE-2019-4741 | 3 Ibm, Linux, Microsoft | 4 Aix, Content Navigator, Linux Kernel and 1 more | 2024-11-21 | 5.0 MEDIUM | 5.3 MEDIUM | IBM Content Navigator 3.0CD is vulnerable to Server Side Request Forgery (SSRF). This may allow an unauthenticated attacker to send unauthorized requests from the system, potentially leading to network enumeration or facilitating other attacks. IBM X-Force ID: 172815. |
| CVE-2019-4262 | 1 Ibm | 1 Qradar Security Information And Event Manager | 2024-11-21 | 5.0 MEDIUM | 5.3 MEDIUM | IBM QRadar SIEM 7.2 and 7.3 is vulnerable to Server Side Request Forgery (SSRF). This may allow an unauthenticated attacker to send unauthorized requests from the QRadar system, potentially leading to network enumeration or facilitating other attacks. IBM X-Force ID: 160014. |