CVE-2022-29942

Talend Administration Center has a vulnerability that allows an authenticated user to use the Service Registry 'Add' functionality to perform SSRF HTTP GET requests on URLs in the internal network. The issue is fixed for versions 8.0.x in TPS-5189, versions 7.3.x in TPS-5175, and versions 7.2.x in TPS-5201. Earlier versions of Talend Administration Center may also be impacted; users are encouraged to update to a supported version.
References
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

OR cpe:2.3:a:talend:administration_center:8.0.0:*:*:*:*:*:*:*
cpe:2.3:a:talend:administration_center:7.2.0:*:*:*:*:*:*:*
cpe:2.3:a:talend:administration_center:7.3.0:*:*:*:*:*:*:*

Information

Published : 2022-05-04 11:15

Updated : 2022-05-13 10:27


NVD link : CVE-2022-29942

Mitre link : CVE-2022-29942


JSON object : View

CWE
CWE-918

Server-Side Request Forgery (SSRF)

Advertisement

dedicated server usa

Products Affected

talend

  • administration_center