Server-Side Request Forgery (SSRF)

The web server receives a URL or similar request from an upstream component and retrieves the contents of this URL, but it does not sufficiently ensure that the request is being sent to the expected destination.

CVEs (2,641)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2018-0403 1Cisco 2Unified Contact Center Express Unified Ip Interactive Voice Response Nov 21, 2024 Jul 18, 2018 N/A· v4 9.8 CRITICAL· v3 5.0 MEDIUM· v2 Multiple vulnerabilities in the web-based management interface of Cisco Unified Contact Center Express (Unified CCX) could allow an unauthenticated, remote attacker to retrieve a cleartext password. Cisco Bug IDs: CSCvg7...Show more Multiple vulnerabilities in the web-based management interface of Cisco Unified Contact Center Express (Unified CCX) could allow an unauthenticated, remote attacker to retrieve a cleartext password. Cisco Bug IDs: CSCvg71040.Show less
CVE-2018-0399 1Cisco 1Finesse Nov 21, 2024 Jul 18, 2018 N/A· v4 9.8 CRITICAL· v3 5.0 MEDIUM· v2 Multiple vulnerabilities in the web-based management interface of Cisco Finesse could allow an unauthenticated, remote attacker to retrieve a cleartext password from an affected system. Cisco Bug IDs: CSCvg71044.
CVE-2018-0398 1Cisco 1Finesse Nov 21, 2024 Jul 18, 2018 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 Multiple vulnerabilities in the web-based management interface of Cisco Finesse could allow an unauthenticated, remote attacker to conduct a server-side request forgery (SSRF) attack. Cisco Bug IDs: CSCvg71018.
CVE-2018-13790 1Concretecms 1Concrete Cms Nov 21, 2024 Jul 9, 2018 N/A· v4 7.2 HIGH· v3 6.5 MEDIUM· v2 A Server Side Request Forgery (SSRF) vulnerability in tools/files/importers/remote.php in concrete5 8.2.0 can lead to attacks on the local network and mapping of the internal network, because of URL functionality on the...Show more A Server Side Request Forgery (SSRF) vulnerability in tools/files/importers/remote.php in concrete5 8.2.0 can lead to attacks on the local network and mapping of the internal network, because of URL functionality on the File Manager page.Show less
CVE-2018-12571 1Microsoft 1Forefront Unified Access Gateway Nov 21, 2024 Jul 5, 2018 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 uniquesig0/InternalSite/InitParams.aspx in Microsoft Forefront Unified Access Gateway 2010 allows remote attackers to trigger outbound DNS queries for arbitrary hosts via a comma-separated list of URLs in the orig_url pa...Show more uniquesig0/InternalSite/InitParams.aspx in Microsoft Forefront Unified Access Gateway 2010 allows remote attackers to trigger outbound DNS queries for arbitrary hosts via a comma-separated list of URLs in the orig_url parameter, possibly causing a traffic amplification and/or SSRF outcome.Show less
CVE-2017-0929 1Dnnsoftware 1Dotnetnuke Nov 21, 2024 Jul 3, 2018 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 DNN (aka DotNetNuke) before 9.2.0 suffers from a Server-Side Request Forgery (SSRF) vulnerability in the DnnImageHandler class. Attackers may be able to access information about internal network resources.
CVE-2018-1000606 1Jenkins 1Urltrigger Nov 21, 2024 Jun 26, 2018 N/A· v4 6.5 MEDIUM· v3 4.0 MEDIUM· v2 A server-side request forgery vulnerability exists in Jenkins URLTrigger Plugin 0.41 and earlier in URLTrigger.java that allows attackers with Overall/Read access to cause Jenkins to send a GET request to a specified URL...Show more A server-side request forgery vulnerability exists in Jenkins URLTrigger Plugin 0.41 and earlier in URLTrigger.java that allows attackers with Overall/Read access to cause Jenkins to send a GET request to a specified URL.Show less
CVE-2018-1000553 1Trovebox 1Trovebox Nov 21, 2024 Jun 26, 2018 N/A· v4 8.8 HIGH· v3 6.5 MEDIUM· v2 Trovebox version <= 4.0.0-rc6 contains a Server-Side request forgery vulnerability in webhook component that can result in read or update internal resources. This attack appear to be exploitable via HTTP request. This vu...Show more Trovebox version <= 4.0.0-rc6 contains a Server-Side request forgery vulnerability in webhook component that can result in read or update internal resources. This attack appear to be exploitable via HTTP request. This vulnerability appears to have been fixed in after commit 742b8ed.Show less
CVE-2018-12678 1Portainer 1Portainer Nov 21, 2024 Jun 22, 2018 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 Portainer before 1.18.0 supports unauthenticated requests to the websocket endpoint with an unvalidated id query parameter for the /websocket/exec endpoint, which allows remote attackers to bypass intended access restric...Show more Portainer before 1.18.0 supports unauthenticated requests to the websocket endpoint with an unvalidated id query parameter for the /websocket/exec endpoint, which allows remote attackers to bypass intended access restrictions or conduct SSRF attacks.Show less
CVE-2018-5752 1Open Xchange 1Open Xchange Appsuite Nov 21, 2024 Jun 16, 2018 N/A· v4 8.8 HIGH· v3 6.5 MEDIUM· v2 The backend component in Open-Xchange OX App Suite before 7.6.3-rev36, 7.8.x before 7.8.2-rev39, 7.8.3 before 7.8.3-rev44, and 7.8.4 before 7.8.4-rev22 allows remote attackers to conduct server-side request forgery (SSRF...Show more The backend component in Open-Xchange OX App Suite before 7.6.3-rev36, 7.8.x before 7.8.2-rev39, 7.8.3 before 7.8.3-rev44, and 7.8.4 before 7.8.4-rev22 allows remote attackers to conduct server-side request forgery (SSRF) attacks via vectors involving non-decimal representations of IP addresses and special IPv6 related addresses.Show less
CVE-2018-11586 1Searchblox 1Searchblox Nov 21, 2024 Jun 5, 2018 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 XML external entity (XXE) vulnerability in api/rest/status in SearchBlox 8.6.7 allows remote unauthenticated users to read arbitrary files or conduct server-side request forgery (SSRF) attacks via a crafted DTD in an XML...Show more XML external entity (XXE) vulnerability in api/rest/status in SearchBlox 8.6.7 allows remote unauthenticated users to read arbitrary files or conduct server-side request forgery (SSRF) attacks via a crafted DTD in an XML request.Show less
CVE-2018-1000188 1Jenkins 1Cas Nov 21, 2024 Jun 5, 2018 N/A· v4 5.4 MEDIUM· v3 5.5 MEDIUM· v2 A server-side request forgery vulnerability exists in Jenkins CAS Plugin 1.4.1 and older in CasSecurityRealm.java that allows attackers with Overall/Read access to cause Jenkins to send a GET request to a specified URL.
CVE-2018-1000185 1Jenkins 1Github Branch Source Nov 21, 2024 Jun 5, 2018 N/A· v4 4.3 MEDIUM· v3 4.0 MEDIUM· v2 A server-side request forgery vulnerability exists in Jenkins GitHub Branch Source Plugin 2.3.4 and older in Endpoint.java that allows attackers with Overall/Read access to cause Jenkins to send a GET request to a specif...Show more A server-side request forgery vulnerability exists in Jenkins GitHub Branch Source Plugin 2.3.4 and older in Endpoint.java that allows attackers with Overall/Read access to cause Jenkins to send a GET request to a specified URL.Show less
CVE-2018-1000184 1Jenkins 1Github Nov 21, 2024 Jun 5, 2018 N/A· v4 5.4 MEDIUM· v3 5.5 MEDIUM· v2 A server-side request forgery vulnerability exists in Jenkins GitHub Plugin 1.29.0 and older in GitHubPluginConfig.java that allows attackers with Overall/Read access to cause Jenkins to send a GET request to a specified...Show more A server-side request forgery vulnerability exists in Jenkins GitHub Plugin 1.29.0 and older in GitHubPluginConfig.java that allows attackers with Overall/Read access to cause Jenkins to send a GET request to a specified URL.Show less
CVE-2018-1000182 1Jenkins 1Git Nov 21, 2024 Jun 5, 2018 N/A· v4 6.4 MEDIUM· v3 5.5 MEDIUM· v2 A server-side request forgery vulnerability exists in Jenkins Git Plugin 3.9.0 and older in AssemblaWeb.java, GitBlitRepositoryBrowser.java, Gitiles.java, TFS2013GitRepositoryBrowser.java, ViewGitWeb.java that allows att...Show more A server-side request forgery vulnerability exists in Jenkins Git Plugin 3.9.0 and older in AssemblaWeb.java, GitBlitRepositoryBrowser.java, Gitiles.java, TFS2013GitRepositoryBrowser.java, ViewGitWeb.java that allows attackers with Overall/Read access to cause Jenkins to send a GET request to a specified URL.Show less
CVE-2018-9920 1K2 1Smartforms Nov 21, 2024 May 24, 2018 N/A· v4 6.5 MEDIUM· v3 6.4 MEDIUM· v2 Server side request forgery exists in the runtime application in K2 smartforms 4.6.11 via a modified hostname in an https://*/Identity/STS/Forms/Scripts URL.
CVE-2018-11031 1Gouguoyin 1Phprap Nov 21, 2024 May 14, 2018 N/A· v4 9.8 CRITICAL· v3 10.0 HIGH· v2 application/home/controller/debug.php in PHPRAP 1.0.4 through 1.0.8 has SSRF via the /debug URI, as demonstrated by an api[url]=file:////etc/passwd&api[method]=get POST request.
CVE-2018-9919 1Tp Shop 1Tp Shop Nov 21, 2024 May 2, 2018 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 A web-accessible backdoor, with resultant SSRF, exists in Tp-shop 2.0.5 through 2.0.8, which allows remote attackers to obtain sensitive information, attack intranet hosts, or possibly trigger remote command execution, b...Show more A web-accessible backdoor, with resultant SSRF, exists in Tp-shop 2.0.5 through 2.0.8, which allows remote attackers to obtain sensitive information, attack intranet hosts, or possibly trigger remote command execution, because /vendor/phpdocumentor/reflection-docblock/tests/phpDocumentor/Reflection/DocBlock/Tag/LinkTagTeet.php writes data from the "down_url" URL into the "bddlj" local file if the attacker knows the backdoor "jmmy" parameter.Show less
CVE-2018-9302 1Getcockpit 1Cockpit Nov 21, 2024 May 2, 2018 N/A· v4 9.1 CRITICAL· v3 6.4 MEDIUM· v2 SSRF (Server Side Request Forgery) in /assets/lib/fuc.js.php in Cockpit 0.4.4 through 0.5.5 allows remote attackers to read arbitrary files or send TCP traffic to intranet hosts via the url parameter. NOTE: this vulnerab...Show more SSRF (Server Side Request Forgery) in /assets/lib/fuc.js.php in Cockpit 0.4.4 through 0.5.5 allows remote attackers to read arbitrary files or send TCP traffic to intranet hosts via the url parameter. NOTE: this vulnerability exists because of an incomplete fix for CVE-2017-14611, which was about version 0.13.0, which (surprisingly) is an earlier version than 0.4.4.Show less
CVE-2018-8939 1Progress 1Whatsup Gold Nov 21, 2024 May 1, 2018 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 An SSRF issue was discovered in NmAPI.exe in Ipswitch WhatsUp Gold before 2018 (18.0). Malicious actors can submit specially crafted requests via the NmAPI executable to (1) gain unauthorized access to the WhatsUp Gold s...Show more An SSRF issue was discovered in NmAPI.exe in Ipswitch WhatsUp Gold before 2018 (18.0). Malicious actors can submit specially crafted requests via the NmAPI executable to (1) gain unauthorized access to the WhatsUp Gold system, (2) obtain information about the WhatsUp Gold system, or (3) execute remote commands.Show less

Previous 1...127128129...133 Next