CVE-2022-25801

Best Practical RT for Incident Response (RTIR) before 4.0.3 and 5.x before 5.0.3 allows SSRF via Scripted Action tools.
References
Link Resource
https://docs.bestpractical.com/release-notes/rtir/index.html Release Notes Vendor Advisory
https://docs.bestpractical.com/release-notes/rtir/5.0.3 Patch Release Notes Vendor Advisory
https://docs.bestpractical.com/release-notes/rtir/4.0.3 Patch Release Notes Vendor Advisory
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

OR cpe:2.3:a:bestpractical:request_tracker_for_incident_response:*:*:*:*:*:*:*:*
cpe:2.3:a:bestpractical:request_tracker_for_incident_response:*:*:*:*:*:*:*:*

Information

Published : 2022-07-14 05:15

Updated : 2022-07-20 03:40


NVD link : CVE-2022-25801

Mitre link : CVE-2022-25801


JSON object : View

CWE
CWE-918

Server-Side Request Forgery (SSRF)

Advertisement

dedicated server usa

Products Affected

bestpractical

  • request_tracker_for_incident_response