exploitDog
CVE-2017-18638

Published: 12 Oct 2019
Source: redhat
CVSS3: 7.5
EPSS: Critical

Description

send_email in graphite-web/webapp/graphite/composer/views.py in Graphite through 1.1.5 is vulnerable to SSRF. The vulnerable SSRF endpoint can be used by an attacker to have the Graphite web server request any resource. The response to this SSRF request is encoded into an image file and then sent to an e-mail address that can be supplied by the attacker. Thus, an attacker can exfiltrate any information.

A flaw was found in graphite-web. The send_email function in graphite-web/webapp/graphite/composer/views.py is vulnerable to Server-Side Request Forgery (SSRF). This flaw allows an attacker to use the vulnerable SSRF endpoint to have the Graphite web server request any resource. Because the response to the SSRF request is encoded into an image file and sent to an email address supplied by the attacker, an attacker can exfiltrate any information.

Report

Graphite metrics / telemetry data does not contain any sensitive information and hence this flaw is rated as Moderate.

Affected packages

Platform                  Package        State                  Recommendation   Release
Red Hat Ceph Storage 2    graphite-web   Out of support scope
Red Hat Ceph Storage 3    graphite-web   Out of support scope
Red Hat Storage 3         graphite-web   Affected

Additional information

Status:

Moderate
Weakness:
CWE-918
https://bugzilla.redhat.com/show_bug.cgi?id=2001847
graphite-web: graphite.composer.views.send_email vulnerable to SSRF

EPSS

Percentile: 100%
0.90804
Critical

7.5 High

CVSS3

Related vulnerabilities

CVSS3: 7.5
ubuntu
more than 6 years ago

send_email in graphite-web/webapp/graphite/composer/views.py in Graphite through 1.1.5 is vulnerable to SSRF. The vulnerable SSRF endpoint can be used by an attacker to have the Graphite web server request any resource. The response to this SSRF request is encoded into an image file and then sent to an e-mail address that can be supplied by the attacker. Thus, an attacker can exfiltrate any information.

CVSS3: 7.5
nvd
more than 6 years ago

send_email in graphite-web/webapp/graphite/composer/views.py in Graphite through 1.1.5 is vulnerable to SSRF. The vulnerable SSRF endpoint can be used by an attacker to have the Graphite web server request any resource. The response to this SSRF request is encoded into an image file and then sent to an e-mail address that can be supplied by the attacker. Thus, an attacker can exfiltrate any information.

CVSS3: 7.5
debian
more than 6 years ago

send_email in graphite-web/webapp/graphite/composer/views.py in Graphi ...

CVSS3: 7.5
github
more than 6 years ago

graphite.composer.views.send_email vulnerable to SSRF