exploitDog

CVE-2023-24243

Опубликовано: 16 июн. 2023

Источник: nvd

CVSS3: 7.5

EPSS Высокий

Описание

CData RSB Connect v22.0.8336 was discovered to contain a Server-Side Request Forgery (SSRF).

Ссылки

https://arc.cdata.com/
Product
https://arc.cdata.com/trial/
Product
https://gist.github.com/d3vc0r3/6460a5f006e32a2ebffe739e411ab1b8
Exploit
https://www.cdata.com/kb/entries/netembeddedserver-notice.rst
Vendor Advisory
https://arc.cdata.com/
Product
https://arc.cdata.com/trial/
Product
https://gist.github.com/d3vc0r3/6460a5f006e32a2ebffe739e411ab1b8
Exploit
https://www.cdata.com/kb/entries/netembeddedserver-notice.rst
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:cdata:arc:*:*:*:*:*:*:*:*

Версия до 22.0.8473 (исключая)

EPSS

Процентиль: 99%

0.88609

Высокий

7.5 High

CVSS3

Дефекты

CWE-918

CWE-918

Связанные уязвимости

GHSA-9xwx-qcqw-ppm5

CVSS3: 7.5

github

больше 2 лет назад

CData RSB Connect v22.0.8336 was discovered to contain a Server-Side Request Forgery (SSRF).

EPSS

Процентиль: 99%

0.88609

Высокий

7.5 High

CVSS3

Дефекты

CWE-918

CWE-918