CVE-2022-39241

Published: Nov 2, 2022Modified: Nov 21, 2024

4.9

Vector

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N

Exploitability: 1.2 / Impact: 3.6

Source: NVD

Description

Discourse is a platform for community discussion. A malicious admin could use this vulnerability to perform port enumeration on the local host or other hosts on the internal network, as well as against hosts on the Internet. Latest `stable`, `beta`, and `test-passed` versions are now patched. As a workaround, self-hosters can use `DISCOURSE_BLOCKED_IP_BLOCKS` env var (which overrides `blocked_ip_blocks` setting) to stop webhooks from accessing private IPs.

Affected (11)

Products: Discourse: Discourse

Discourse

1 product

Discourse

Configuration A

11 vulnerable

Vulnerable Software	Affected Versions
Discourse Discourse	Before 2.8.10
Discourse Discourse	Version 2.9.0 beta10
Discourse Discourse	Version 2.9.0 beta1
Discourse Discourse	Version 2.9.0 beta2
Discourse Discourse	Version 2.9.0 beta3
Discourse Discourse	Version 2.9.0 beta4
Discourse Discourse	Version 2.9.0 beta5
Discourse Discourse	Version 2.9.0 beta6
Discourse Discourse	Version 2.9.0 beta7
Discourse Discourse	Version 2.9.0 beta8
Discourse Discourse	Version 2.9.0 beta9

Related CWEs

CWE-918

Server-Side Request Forgery (SSRF)

The web server receives a URL or similar request from an upstream component and retrieves the contents of this URL, but it does not sufficiently ensure that the request is being sent to the expected destination.

References (2)

https://github.com/discourse/discourse/security/advisories/GHSA-rcc5-28r3-23rr

Source: security-advisories@github.com

Third Party Advisory

https://github.com/discourse/discourse/security/advisories/GHSA-rcc5-28r3-23rr

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party Advisory

Timeline

No history available yet.