Описание
Server Side Request Forgery (SSRF) in Web Compliance Manager in Quest Policy Authority version 8.1.2.200 allows attackers to scan internal ports and make outbound connections via the initFile.jsp file. NOTE: This vulnerability only affects products that are no longer supported by the maintainer
Ссылки
- ExploitThird Party Advisory
- ExploitThird Party Advisory
- ExploitThird Party Advisory
- ExploitThird Party Advisory
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:quest:policy_authority_for_unified_communications:8.1.2.200:*:*:*:*:*:*:*
EPSS
Процентиль: 59%
0.00377
Низкий
9.8 Critical
CVSS3
7.5 High
CVSS2
Дефекты
CWE-918
Связанные уязвимости
CVSS3: 9.8
github
больше 3 лет назад
** UNSUPPORTED WHEN ASSIGNED ** Server Side Request Forgery (SSRF) in Web Compliance Manager in Quest Policy Authority version 8.1.2.200 allows attackers to scan internal ports and make outbound connections via the initFile.jsp file. NOTE: This vulnerability only affects products that are no longer supported by the maintainer.
EPSS
Процентиль: 59%
0.00377
Низкий
9.8 Critical
CVSS3
7.5 High
CVSS2
Дефекты
CWE-918