Описание
Server-Side Request Forgery (SSRF) vulnerability in Ctera Portal 8.1.x (8.1.1417.24) allows remote attackers to induce the server to make arbitrary HTTP requests via a crafted HTML file containing an iframe.
Ссылки
- Third Party Advisory
- Release Notes
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:ctera:ctera:8.1.1417.24:*:*:*:*:*:*:*
EPSS
Процентиль: 20%
0.00062
Низкий
7.5 High
CVSS3
Дефекты
CWE-918
Связанные уязвимости
CVSS3: 7.5
github
около 2 месяцев назад
Server-Side Request Forgery (SSRF) vulnerability in Ctera Portal 8.1.x (8.1.1417.24) allows remote attackers to induce the server to make arbitrary HTTP requests via a crafted HTML file containing an iframe.
EPSS
Процентиль: 20%
0.00062
Низкий
7.5 High
CVSS3
Дефекты
CWE-918