exploitDog

CVE-2017-7553

Опубликовано: 11 сент. 2017

Источник: redhat

CVSS3: 6

EPSS Низкий

Описание

The external_request api call in App Studio (millicore) allows server side request forgery (SSRF). An attacker could use this flaw to probe the network internal resources, and access restricted endpoints.

The external_request api call in App Studio (millicore) allows server side request forgery (SSRF). An attacker could use this flaw to probe the network internal resources and access restricted endpoints.

Ссылки на источники

Дополнительная информация

Статус:

Moderate

Дефект:

CWE-918

https://bugzilla.redhat.com/show_bug.cgi?id=1478792RHMAP: SSRF via external_request feature of App Studio

EPSS

Процентиль: 40%

0.00181

Низкий

6 Medium

CVSS3

Связанные уязвимости

CVE-2017-7553

CVSS3: 6.3

nvd

больше 8 лет назад

The external_request api call in App Studio (millicore) allows server side request forgery (SSRF). An attacker could use this flaw to probe the network internal resources, and access restricted endpoints.

GHSA-rmmq-9vg2-553m

CVSS3: 6.3

github

больше 3 лет назад

The external_request api call in App Studio (millicore) allows server side request forgery (SSRF). An attacker could use this flaw to probe the network internal resources, and access restricted endpoints.

EPSS

Процентиль: 40%

0.00181

Низкий

6 Medium

CVSS3