Vulnerabilities (CVE)

Filtered by CWE-918
Total 1167 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2021-22049 1 Vmware 1 Vcenter Server 2021-11-30 7.5 HIGH 9.8 CRITICAL
The vSphere Web Client (FLEX/Flash) contains an SSRF (Server Side Request Forgery) vulnerability in the vSAN Web Client (vSAN UI) plug-in. A malicious actor with network access to port 443 on vCenter Server may exploit this issue by accessing a URL request outside of vCenter Server or accessing an internal service.
CVE-2021-22970 1 Concretecms 1 Concrete Cms 2021-11-23 5.0 MEDIUM 7.5 HIGH
Concrete CMS (formerly concrete5) versions 8.5.6 and below and version 9.0.0 allow local IP importing causing the system to be vulnerable toa. SSRF attacks on the private LAN servers by reading files from the local LAN. An attacker can pivot in the private LAN and exploit local network appsandb. SSRF Mitigation Bypass through DNS RebindingConcrete CMS security team gave this a CVSS score of 3.5 AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:N/A:NConcrete CMS is maintaining Concrete version 8.5.x until 1 May 2022 for security fixes.This CVE is shared with HackerOne Reports https://hackerone.com/reports/1364797 and https://hackerone.com/reports/1360016Reporters: Adrian Tiron from FORTBRIDGE (https://www.fortbridge.co.uk/ ) and Bipul Jaiswal
CVE-2021-22969 1 Concretecms 1 Concrete Cms 2021-11-23 5.0 MEDIUM 5.3 MEDIUM
Concrete CMS (formerly concrete5) versions below 8.5.7 has a SSRF mitigation bypass using DNS Rebind attack giving an attacker the ability to fetch cloud IAAS (ex AWS) IAM keys.To fix this Concrete CMS no longer allows downloads from the local network and specifies the validated IP when downloading rather than relying on DNS.Discoverer: Adrian Tiron from FORTBRIDGE ( https://www.fortbridge.co.uk/ )The Concrete CMS team gave this a CVSS 3.1 score of 3.5 AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:N/A:N . Please note that Cloud IAAS provider mis-configurations are not Concrete CMS vulnerabilities. A mitigation for this vulnerability is to make sure that the IMDS configurations are according to a cloud provider's best practices.This fix is also in Concrete version 9.0.0
CVE-2021-43562 1 Pixxio 1 Pixx.io 2021-11-16 6.5 MEDIUM 8.8 HIGH
An issue was discovered in the pixxio (aka pixx.io integration or DAM) extension before 1.0.6 for TYPO3. The extension fails to restrict the image download to the configured pixx.io DAM URL, resulting in SSRF. As a result, an attacker can download various content from a remote location and save it to a user-controlled filename, which may result in Remote Code Execution. A TYPO3 backend user account is required to exploit this.
CVE-2021-43293 1 Sonatype 1 Nexus Repository Manager 2021-11-05 4.0 MEDIUM 4.3 MEDIUM
Sonatype Nexus Repository Manager 3.x before 3.36.0 allows a remote authenticated attacker to potentially perform network enumeration via Server Side Request Forgery (SSRF).
CVE-2021-29738 3 Ibm, Linux, Microsoft 4 Aix, Infosphere Information Server, Linux Kernel and 1 more 2021-11-03 5.5 MEDIUM 5.4 MEDIUM
IBM InfoSphere Data Flow Designer (IBM InfoSphere Information Server 11.7 ) is vulnerable to server-side request forgery (SSRF). This may allow an authenticated attacker to send unauthorized requests from the system, potentially leading to network enumeration or facilitating other attacks. IBM X-Force ID: 201302.
CVE-2021-29844 1 Ibm 7 Engineering Lifecycle Optimization, Engineering Requirements Quality Assistant On-premises, Engineering Workflow Management and 4 more 2021-11-02 6.5 MEDIUM 8.8 HIGH
IBM Jazz Team Server products is vulnerable to server-side request forgery (SSRF). This may allow an authenticated attacker to send unauthorized requests from the system, potentially leading to network enumeration or facilitating other attacks.
CVE-2021-22958 1 Concretecms 1 Concrete Cms 2021-11-01 7.5 HIGH 9.8 CRITICAL
A Server-Side Request Forgery vulnerability was found in concrete5 < 8.5.5 that allowed a decimal notation encoded IP address to bypass the limitations in place for localhost allowing interaction with local services. Impact can vary depending on services exposed.CVSSv2.0 AV:A/AC:H/PR:H/UI:N/S:U/C:L/I:N/A:N
CVE-2021-35512 1 Zohocorp 1 Manageengine Applications Manager 2021-10-28 6.4 MEDIUM 6.5 MEDIUM
An SSRF issue was discovered in Zoho ManageEngine Applications Manager build 15200.
CVE-2021-41792 1 Alfresco 2 Alfresco Content Services, Alfresco Transform Services 2021-10-27 5.0 MEDIUM 5.3 MEDIUM
An issue was discovered in Hyland org.alfresco:alfresco-content-services through 6.2.2.18 and org.alfresco:alfresco-transform-services through 1.3. A crafted HTML file, once uploaded, could trigger an unexpected request by the transformation engine. The response to the request is not available to the attacker, i.e., this is blind SSRF.
CVE-2021-25972 1 Tuzitio 1 Camaleon Cms 2021-10-25 4.0 MEDIUM 4.9 MEDIUM
In Camaleon CMS, versions 2.1.2.0 to 2.6.0, are vulnerable to Server-Side Request Forgery (SSRF) in the media upload feature, which allows admin users to fetch media files from external URLs but fails to validate URLs referencing to localhost or other internal servers. This allows attackers to read files stored in the internal server.
CVE-2021-32663 1 Combodo 1 Itop 2021-10-22 5.0 MEDIUM 7.5 HIGH
iTop is an open source web based IT Service Management tool. In affected versions an attacker can call the system setup without authentication. Given specific parameters this can lead to SSRF. This issue has been resolved in versions 2.6.5 and 2.7.5 and later
CVE-2021-22033 1 Vmware 3 Cloud Foundation, Vrealize Operations, Vrealize Suite Lifecycle Manager 2021-10-19 4.0 MEDIUM 2.7 LOW
Releases prior to VMware vRealize Operations 8.6 contain a Server Side Request Forgery (SSRF) vulnerability.
CVE-2020-21653 1 Myucms Project 1 Myucms 2021-10-15 6.4 MEDIUM 9.1 CRITICAL
Myucms v2.2.1 contains a server-side request forgery (SSRF) in the component \controller\index.php, which can be exploited via the sj() method.
CVE-2020-21649 1 Myucms Project 1 Myucms 2021-10-14 5.5 MEDIUM 8.1 HIGH
Myucms v2.2.1 contains a server-side request forgery (SSRF) in the component \controller\index.php, which can be exploited via the sql() method.
CVE-2021-42091 1 Zammad 1 Zammad 2021-10-14 6.4 MEDIUM 9.1 CRITICAL
An issue was discovered in Zammad before 4.1.1. SSRF can occur via GitHub or GitLab integration.
CVE-2021-39867 1 Gitlab 1 Gitlab 2021-10-12 5.5 MEDIUM 8.1 HIGH
In all versions of GitLab CE/EE since version 8.15, a DNS rebinding vulnerability in Gitea Importer may be exploited by an attacker to trigger Server Side Request Forgery (SSRF) attacks.
CVE-2021-39894 1 Gitlab 1 Gitlab 2021-10-12 5.5 MEDIUM 5.4 MEDIUM
In all versions of GitLab CE/EE since version 8.0, a DNS rebinding vulnerability exists in Fogbugz importer which may be used by attackers to exploit Server Side Request Forgery attacks.
CVE-2021-37223 1 Nagios 1 Nagios Xi 2021-10-12 4.0 MEDIUM 6.5 MEDIUM
Nagios Enterprises NagiosXI <= 5.8.4 contains a Server-Side Request Forgery (SSRF) vulnerability in schedulereport.php. Any authenticated user can create scheduled reports containing PDF screenshots of any view in the NagiosXI application. Due to lack of input sanitisation, the target page can be replaced with an SSRF payload to access internal resources or disclose local system files.
CVE-2021-37104 1 Huawei 2 P40, P40 Firmware 2021-10-06 5.0 MEDIUM 7.5 HIGH
There is a server-side request forgery vulnerability in HUAWEI P40 versions 10.1.0.118(C00E116R3P3). This vulnerability is due to insufficient validation of parameters while dealing with some messages. A successful exploit could allow the attacker to gain access to certain resource which the attacker are supposed not to do.