← Back

CVE-2024-9410

nvd nist
Published: Oct 4, 2024Modified: Nov 22, 2024

JSON object

Loading...
5.3
Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
Exploitability: 3.9 / Impact: 1.4
Source: NVD

Description

Ada.cx's Sentry configuration allowed for blind server-side request forgeries (SSRF) through the use of a data scraping endpoint.

Affected (1)

Products: Ada: Ada
Ada
1 product
Ada
Configuration A
1 vulnerable
Vulnerable SoftwareAffected Versions
Ada
Before 2024-10-01

Related CWEs

CWE-918
Server-Side Request Forgery (SSRF)
The web server receives a URL or similar request from an upstream component and retrieves the contents of this URL, but it does not sufficiently ensure that the request is being sent to the expected destination.

References (1)

Source: vulnreport@tenable.com
ExploitThird Party Advisory

Timeline

No history available yet.