cvelist @huntrdev CVELIST:CVE-2022-2339
History: Jul 07, 2022 - 3:15 a.m.

CVE-2022-2339 Server-Side Request Forgery (SSRF) in nocodb/nocodb

2022-07-07 03:15:12
CWE-918
@huntrdev
www.cve.org
cve-2022-2339
server-side request forgery
ssrf
nocodb

CVSS3: 9.1

Attack Vector: NETWORK
Attack Complexity: LOW
Privileges Required: NONE
User Interaction: NONE
Scope: UNCHANGED
Confidentiality Impact: HIGH
Integrity Impact: NONE
Availability Impact: HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H

EPSS: 0.001
Percentile: 51.0%

With this SSRF vulnerability, an attacker can reach internal addresses by making requests as the server and reading the contents of the responses. This attack can lead to a leak of sensitive information.

CNA Affected

[
  {
    "product": "nocodb/nocodb",
    "vendor": "nocodb",
    "versions": [
      {
        "lessThan": "0.92.0",
        "status": "affected",
        "version": "unspecified",
        "versionType": "custom"
      }
    ]
  }
]

