CVE-2024-4219

Опубликовано: 04 июн. 2024

Источник: nvd

CVSS3: 4.8

CVSS3: 9.1

EPSS Низкий

Описание

Prior to 23.2, it is possible to perform arbitrary Server-Side requests via HTTP-based connectors within BeyondInsight, resulting in a server-side request forgery vulnerability.

Ссылки

https://www.beyondtrust.com/trust-center/security-advisories/BT24-05
Vendor Advisory
https://www.beyondtrust.com/trust-center/security-advisories/BT24-05
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:beyondtrust:beyondinsight:*:*:*:*:*:*:*:*

Версия до 23.2 (исключая)

EPSS

Процентиль: 32%

0.00123

Низкий

4.8 Medium

CVSS3

9.1 Critical

CVSS3

Дефекты

CWE-918

Связанные уязвимости

GHSA-wr7j-7cg5-p3pv

CVSS3: 4.8

github

больше 1 года назад

Prior to 23.2, it is possible to perform arbitrary Server-Side requests via HTTP-based connectors within BeyondInsight, resulting in a server-side request forgery vulnerability.

EPSS

Процентиль: 32%

0.00123

Низкий

4.8 Medium

CVSS3

9.1 Critical

CVSS3

Дефекты

CWE-918