Lucene search

K

CVE-2021-22970

🗓️ 19 Nov 2021 19:08:15Reported by hackeroneType 
cve
 cve
🔗 web.nvd.nist.gov👁 43 Views

Concrete CMS versions 8.5.6 and below and version 9.0.0 allow SSRF attacks on private LAN servers, with a CVSS score of 3.5

Show more
Related
Detection
Affected
Refs
ReporterTitlePublishedViews
Family
Prion
Server side request forgery (ssrf)
19 Nov 202119:15
prion
OpenVAS
Concrete CMS 9.0.0 SSRF Vulnerability
22 Nov 202100:00
openvas
OpenVAS
Concrete CMS < 8.5.7 Multiple Vulnerabilities
22 Nov 202100:00
openvas
OSV
Server-Side Request Forgery in Concrete CMS
23 Nov 202118:18
osv
CNVD
PortlandLabs Concrete Cms Code Problem Vulnerability
23 Nov 202100:00
cnvd
Cvelist
CVE-2021-22970
19 Nov 202118:08
cvelist
NVD
CVE-2021-22970
19 Nov 202119:15
nvd
Hacker One
Concrete CMS: SSRF - pivoting in the private LAN
10 Oct 202108:28
hackerone
Veracode
Server-Side Request Forgery (SSRF)
24 Nov 202109:51
veracode
Github Security Blog
Server-Side Request Forgery in Concrete CMS
23 Nov 202118:18
github
Rows per page
Nvd
[
  {
    "product": "https://github.com/concrete5/concrete5",
    "vendor": "n/a",
    "versions": [
      {
        "status": "affected",
        "version": "Affected versions Concrete CMS (formerly concrete5) versions below 8.5.6 and 9.0.0. Fixed versions 9.0.1 and 8.5.7"
      }
    ]
  }
]

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo
19 Nov 2021 19:15Current
7.4High risk
Vulners AI Score7.4
CVSS25.0
CVSS37.5
EPSS0.001
43
.json
Report