Lucene search
TR-CERTCVE-2023-1725HistoryMar 30, 2023 - 3:15 p.m.
CVE-2023-1725
2023-03-3015:15:07
CWE-918
TR-CERT
web.nvd.nist.gov
21
cve-2023-1725
ssrf
server-side request forgery
infoline project management system
vulnerability
CVSS3
9.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
AI Score
9.4
Confidence
High
EPSS
0.002
Percentile
57.6%
Server-Side Request Forgery (SSRF) vulnerability in Infoline Project Management System allows Server Side Request Forgery.This issue affects Project Management System: before 4.09.31.125.
Affected configurations
Node
infoline-trproject_management_systemRange<4.09.31.125
| Vendor | Product | Version | CPE |
|---|---|---|---|
| infoline-tr | project_management_system | * | cpe:2.3:a:infoline-tr:project_management_system:*:*:*:*:*:*:*:* |
CNA Affected
[
{
"defaultStatus": "unaffected",
"product": "Project Management System",
"vendor": "Infoline",
"versions": [
{
"lessThan": "4.09.31.125",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
]References
Related
nvd
nvd
CVE-2023-1725
2023-03-30 15:15:07
prion
prion
Server side request forgery (ssrf)
2023-03-30 15:15:00
cvelist
cvelist
CVE-2023-1725 SSRF in Infoline Project Management System
2023-03-30 14:30:45
CVSS3
9.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
AI Score
9.4
Confidence
High
EPSS
0.002
Percentile
57.6%
Related for CVE-2023-1725