CVE-2024-0403

by Fred · 01/03/2024

Recipes version 1.5.10 allows arbitrary HTTP requests to be made

through the server. This is possible because the application is

vulnerable to SSRF.

More information : https://fluidattacks.com/advisories/harris/

Attack vector : NETWORK
Attack complexity : LOW
Privileges required : NONE
User interaction : NONE
Confidentiality impact : LOW
Integrity impact : LOW
Base score : 6.5
Base severity : MEDIUM
Exploitability score : 3.9
Impact score : 2.5

CVE-2024-0403

Similar

Recent Posts

Categories

CVE-2024-0403

Share this:

Similar

Recent Posts

Categories

Tags