Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by CWE-918
Total 774 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2021-21009 3 Adobe, Linux, Microsoft 3 Campaign Classic, Linux Kernel, Windows 2021-01-21 5.0 MEDIUM 8.6 HIGH
Adobe Campaign Classic Gold Standard 10 (and earlier), 20.3.1 (and earlier), 20.2.3 (and earlier), 20.1.3 (and earlier), 19.2.3 (and earlier) and 19.1.7 (and earlier) are affected by a server-side request forgery (SSRF) vulnerability. Successful exploitation could allow an attacker to use the Campaign instance to issue unauthorized requests to internal or external resources.
CVE-2021-23927 1 Open-xchange 1 Open-xchange Appsuite 2021-01-14 5.5 MEDIUM 6.4 MEDIUM
OX App Suite through 7.10.4 allows SSRF via a URL with an @ character in an appsuite/api/oauth/proxy PUT request.
CVE-2020-11980 1 Apache 1 Karaf 2021-01-07 6.5 MEDIUM 6.3 MEDIUM
In Karaf, JMX authentication takes place using JAAS and authorization takes place using ACL files. By default, only an "admin" can actually invoke on an MBean. However there is a vulnerability there for someone who is not an admin, but has a "viewer" role. In the 'etc/jmx.acl.cfg', such as role can call get*. It's possible to authenticate as a viewer role + invokes on the MLet getMBeansFromURL method, which goes off to a remote server to fetch the desired MBean, which is then registered in Karaf. At this point the attack fails as "viewer" doesn't have the permission to invoke on the MBean. Still, it could act as a SSRF style attack and also it essentially allows a "viewer" role to pollute the MBean registry, which is a kind of privilege escalation. The vulnerability is low as it's possible to add a ACL to limit access. Users should update to Apache Karaf 4.2.9 or newer.
CVE-2020-28735 1 Plone 1 Plone 2021-01-04 6.5 MEDIUM 8.8 HIGH
Plone before 5.2.3 allows SSRF attacks via the tracebacks feature (only available to the Manager role).
CVE-2020-35850 1 Cockpit-project 1 Cockpit 2021-01-04 4.0 MEDIUM 6.5 MEDIUM
** DISPUTED ** An SSRF issue was discovered in cockpit-project.org Cockpit 234. NOTE: this is unrelated to the Agentejo Cockpit product. NOTE: the vendor states "I don't think [it] is a big real-life issue."
CVE-2020-35712 3 Esri, Linux, Microsoft 3 Arcgis Server, Linux Kernel, Windows 2020-12-30 9.3 HIGH 9.8 CRITICAL
Esri ArcGIS Server before 10.8 is vulnerable to SSRF in some configurations.
CVE-2020-26032 1 Zammad 1 Zammad 2020-12-29 5.0 MEDIUM 7.5 HIGH
An SSRF issue was discovered in Zammad before 3.4.1. The SMS configuration interface for Massenversand is implemented in a way that renders the result of a test request to the User. An attacker can use this to request any URL via a GET request from the network interface of the server. This may lead to disclosure of information from intranet systems.
CVE-2020-8464 1 Trendmicro 1 Interscan Web Security Virtual Appliance 2020-12-22 5.0 MEDIUM 7.5 HIGH
A vulnerability in Trend Micro InterScan Web Security Virtual Appliance 6.5 SP2 could allow an attacker to send requests that appear to come from the localhost which could expose the product's admin interface to users who would not normally have access.
CVE-2019-14476 1 Adremsoft 1 Netcrunch 2020-12-18 4.0 MEDIUM 6.5 MEDIUM
AdRem NetCrunch 10.6.0.4587 has a Server-Side Request Forgery (SSRF) vulnerability in the NetCrunch server. Every user can trick the server into performing SMB requests to other systems.
CVE-2020-17513 1 Apache 1 Airflow 2020-12-15 5.0 MEDIUM 5.3 MEDIUM
In Apache Airflow versions prior to 1.10.13, the Charts and Query View of the old (Flask-admin based) UI were vulnerable for SSRF attack.
CVE-2020-24444 1 Adobe 1 Experience Manager Forms Add-on 2020-12-14 5.0 MEDIUM 5.8 MEDIUM
AEM Forms SP6 add-on for AEM 6.5.6.0 and Forms add-on package for AEM 6.4 Service Pack 8 Cumulative Fix Pack 2 (6.4.8.2) have a blind Server-Side Request Forgery (SSRF) vulnerability. This vulnerability could be exploited by an unauthenticated attacker to gather information about internal systems that reside on the same network.
CVE-2017-3164 1 Apache 1 Solr 2020-12-09 5.0 MEDIUM 7.5 HIGH
Server Side Request Forgery in Apache Solr, versions 1.3 until 7.6 (inclusive). Since the "shards" parameter does not have a corresponding whitelist mechanism, a remote attacker with access to the server could make Solr perform an HTTP GET request to any reachable URL.
CVE-2018-10511 1 Trendmicro 1 Control Manager 2020-12-08 6.4 MEDIUM 10.0 CRITICAL
A vulnerability in Trend Micro Control Manager (versions 6.0 and 7.0) could allow an attacker to conduct a server-side request forgery (SSRF) attack on vulnerable installations.
CVE-2020-24815 1 Microstrategy 1 Microstrategy 2020-12-02 4.0 MEDIUM 6.5 MEDIUM
A Server-Side Request Forgery (SSRF) affecting the PDF generation in MicroStrategy 10.4, 2019 before Update 6, and 2020 before Update 2 allows authenticated users to access the content of internal network resources or leak files from the local system via HTML containers embedded in a dossier/dashboard document. NOTE: 10.4., no fix will be released as version will reach end-of-life on 31/12/2020.
CVE-2020-24063 1 Canto 1 Canto 2020-12-01 5.0 MEDIUM 7.2 HIGH
The Canto plugin 1.3.0 for WordPress allows includes/lib/download.php?subdomain= SSRF.
CVE-2020-15297 1 Bitdefender 1 Update Server 2020-11-24 6.4 MEDIUM 9.1 CRITICAL
Insufficient validation in the Bitdefender Update Server and BEST Relay components of Bitdefender Endpoint Security Tools versions prior to 6.6.20.294 allows an unprivileged attacker to bypass the in-place mitigations and interact with hosts on the network. This issue affects: Bitdefender Update Server versions prior to 6.6.20.294.
CVE-2020-27018 2 Microsoft, Trendmicro 2 Windows, Interscan Messaging Security Virtual Appliance 2020-11-24 2.1 LOW 5.5 MEDIUM
Trend Micro InterScan Messaging Security Virtual Appliance (IMSVA) 9.1 is vulnerable to a server side request forgery vulnerability which could allow an authenticated attacker to abuse the product's web server and grant access to web resources or parts of local files. An attacker must already have obtained authenticated privileges on the product to exploit this vulnerability.
CVE-2020-26815 1 Sap 1 Fiori Launchpad \(news Tile Application\) 2020-11-24 5.0 MEDIUM 8.6 HIGH
SAP Fiori Launchpad (News tile Application), versions - 750,751,752,753,754,755, allows an unauthorized attacker to send a crafted request to a vulnerable web application. It is usually used to target internal systems behind firewalls that are normally inaccessible to an attacker from the external network to retrieve sensitive / confidential resources which are otherwise restricted for internal usage only, resulting in a Server-Side Request Forgery vulnerability.
CVE-2020-7328 1 Mcafee 1 Mvision Endpoint 2020-11-23 6.5 MEDIUM 7.2 HIGH
External entity attack vulnerability in the ePO extension in McAfee MVISION Endpoint prior to 20.11 allows remote attackers to gain control of a resource or trigger arbitrary code execution via improper input validation of an HTTP request, where the content for the attack has been loaded into ePO by an ePO administrator.
CVE-2020-27624 1 Jetbrains 1 Youtrack 2020-11-20 5.0 MEDIUM 5.3 MEDIUM
JetBrains YouTrack before 2020.3.888 was vulnerable to SSRF.