ГлавнаяУязвимости → CVE-2023-44313
7.6высокая

CVE-2023-44313

Описание

Server-Side Request Forgery (SSRF) vulnerability in Apache ServiceComb Service-Center. Attackers can obtain sensitive server information through specially crafted requests.This issue affects Apache ServiceComb before 2.1.0(include). Users are recommended to upgrade to version 2.2.0, which fixes the issue.

Затрагиваемое ПО
Apache Servicecomb
CVSS
Балл7.6 — высокая
ВекторCVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:L/A:L
Источники
http://www.openwall.com/lists/oss-security/2024/01/31/4https://lists.apache.org/thread/kxovd455o9h4f2v811hcov2qknbwld5rhttp://www.openwall.com/lists/oss-security/2024/01/31/4https://lists.apache.org/thread/kxovd455o9h4f2v811hcov2qknbwld5r