Lucene search
MitreCVE-2014-9301HistoryDec 07, 2014 - 9:59 p.m.
CVE-2014-9301
2014-12-0721:59:02
mitre
web.nvd.nist.gov
18
cve-2014-9301
ssrf
proxy servlet
alfresco community edition
security vulnerability
CVSS2
6.4
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:P/A:N
AI Score
6.9
Confidence
Low
EPSS
0.03
Percentile
91.1%
Server-side request forgery (SSRF) vulnerability in the proxy servlet in Alfresco Community Edition before 5.0.a allows remote attackers to trigger outbound requests to intranet servers, conduct port scans, and read arbitrary files via a crafted URI in the endpoint parameter.
Affected configurations
Node
alfrescoalfrescoRange≤4.2.fcommunity
Related
nvd
nvd
CVE-2014-9301
2014-12-07 21:59:02
cvelist
cvelist
CVE-2014-9301
2014-12-07 21:00:00
exploitdb
exploitdb
Alfresco - '/proxy?endpoint' Server-Side Request Forgery
2014-07-16 00:00:00
attackerkb
attackerkb
CVE-2014-9301
2014-12-07 00:00:00
prion
prion
Server side request forgery (ssrf)
2014-12-07 21:59:00
CVSS2
6.4
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:P/A:N
AI Score
6.9
Confidence
Low
EPSS
0.03
Percentile
91.1%
Related for CVE-2014-9301