exploitDog

CVE-2024-22217

Опубликовано: 15 авг. 2024

Источник: nvd

CVSS3: 6.5

EPSS Низкий

Описание

A Server-Side Request Forgery (SSRF) vulnerability in Terminalfour before 8.3.19 allows authenticated users to use specific features to access internal services including sensitive information on the server that Terminalfour runs on.

Ссылки

https://docs.terminalfour.com/articles/release-notes-highlights/
Vendor Advisory
https://docs.terminalfour.com/release-notes/security-notices/cve-2024-22217/
Release Notes

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:terminalfour:terminalfour:*:*:*:*:*:*:*:*

Версия до 8.3.19 (исключая)

EPSS

Процентиль: 67%

0.00551

Низкий

6.5 Medium

CVSS3

Дефекты

CWE-918

CWE-918

Связанные уязвимости

GHSA-hhrv-84gm-4q6x

CVSS3: 6.5

github

больше 1 года назад

A Server-Side Request Forgery (SSRF) vulnerability in Terminalfour before 8.3.19 allows authenticated users to use specific features to access internal services including sensitive information on the server that Terminalfour runs on.

EPSS

Процентиль: 67%

0.00551

Низкий

6.5 Medium

CVSS3

Дефекты

CWE-918

CWE-918