Lucene search
HistoryOct 03, 2022 - 4:20 p.m.
CVE-2014-9302
cve-2014-9302
server-side request forgery
ssrf
cmisbrowser servlet
content management interoperability service
cmis
alfresco community edition 5.0.a
security vulnerability
5 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:L/Au:N/C:N/I:P/A:N
6.8 Medium
AI Score
Confidence
Low
0.008 Low
EPSS
Percentile
82.0%
Server-side request forgery (SSRF) vulnerability in the cmisbrowser servlet in Content Management Interoperability Service (CMIS) in Alfresco Community Edition 5.0.a and earlier allows remote attackers to trigger outbound requests via a crafted URI in the url parameter.
Affected configurations
Node
alfrescocommunity_editionRange≤5.0.a
| CPE | Name | Operator | Version |
|---|---|---|---|
| alfresco:community_edition | alfresco community edition | le | 5.0.a |
Related
prion
prion
Server side request forgery (ssrf)
2014-12-07 21:59:00
cvelist
cvelist
CVE-2014-9302
2022-10-03 16:20:41
nvd
nvd
CVE-2014-9302
2014-12-07 21:59:03
5 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:L/Au:N/C:N/I:P/A:N
6.8 Medium
AI Score
Confidence
Low
0.008 Low
EPSS
Percentile
82.0%
Related for CVE-2014-9302