CVE-2020-35850

Опубликовано: 30 дек. 2020

Источник: nvd

CVSS3: 6.5

CVSS2: 4

EPSS Низкий

Описание

An SSRF issue was discovered in cockpit-project.org Cockpit 234. NOTE: this is unrelated to the Agentejo Cockpit product. NOTE: the vendor states "I don't think [it] is a big real-life issue.

Ссылки

https://github.com/cockpit-project/cockpit/issues/15077
Exploit
Third Party Advisory
https://github.com/passtheticket/vulnerability-research/blob/main/cockpitProject/README.md
Exploit
Third Party Advisory
https://github.com/cockpit-project/cockpit/issues/15077
Exploit
Third Party Advisory
https://github.com/passtheticket/vulnerability-research/blob/main/cockpitProject/README.md
Exploit
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:cockpit-project:cockpit:234:*:*:*:*:*:*:*

EPSS

Процентиль: 63%

0.00447

Низкий

6.5 Medium

CVSS3

4 Medium

CVSS2

Дефекты

CWE-918

Связанные уязвимости

CVE-2020-35850

CVSS3: 6.5

ubuntu

около 5 лет назад

An SSRF issue was discovered in cockpit-project.org Cockpit 234. NOTE: this is unrelated to the Agentejo Cockpit product. NOTE: the vendor states "I don't think [it] is a big real-life issue.

CVE-2020-35850

CVSS3: 6.5

debian

около 5 лет назад

An SSRF issue was discovered in cockpit-project.org Cockpit 234. NOTE: ...

GHSA-3mxq-x62m-9mvp

CVSS3: 6.5

github

больше 3 лет назад

** DISPUTED ** An SSRF issue was discovered in cockpit-project.org Cockpit 234. NOTE: this is unrelated to the Agentejo Cockpit product. NOTE: the vendor states "I don't think [it] is a big real-life issue."

BDU:2026-00316

CVSS3: 6.5

fstec

больше 1 года назад

Уязвимость сайта cockpit-project.org системы управления серверами Cockpit, позволяющая нарушителю осуществить SSRF-атаку

ROS-20251226-7301

CVSS3: 6.5

redos

около 1 месяца назад

Уязвимость cockpit

EPSS

Процентиль: 63%

0.00447

Низкий

6.5 Medium

CVSS3

4 Medium

CVSS2

Дефекты

CWE-918