Описание
The external_request api call in App Studio (millicore) allows server side request forgery (SSRF). An attacker could use this flaw to probe the network internal resources, and access restricted endpoints.
Ссылки
- Issue TrackingThird Party Advisory
- Issue TrackingThird Party Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 4.4.3 (включая)
cpe:2.3:a:redhat:mobile_application_platform:*:*:*:*:*:*:*:*
EPSS
Процентиль: 40%
0.00181
Низкий
6.3 Medium
CVSS3
6.5 Medium
CVSS2
Дефекты
CWE-918
Связанные уязвимости
CVSS3: 6
redhat
больше 8 лет назад
The external_request api call in App Studio (millicore) allows server side request forgery (SSRF). An attacker could use this flaw to probe the network internal resources, and access restricted endpoints.
CVSS3: 6.3
github
больше 3 лет назад
The external_request api call in App Studio (millicore) allows server side request forgery (SSRF). An attacker could use this flaw to probe the network internal resources, and access restricted endpoints.
EPSS
Процентиль: 40%
0.00181
Низкий
6.3 Medium
CVSS3
6.5 Medium
CVSS2
Дефекты
CWE-918