History: May 23, 2024 - 6:15 a.m.

CVE-2024-4399

2024-05-23 06:15:11
WPScan
web.nvd.nist.gov
58
cve-2024-4399
nvd
unauthenticated users
ssrf attack

CVSS3: 9.1

Attack Vector: NETWORK
Attack Complexity: LOW
Privileges Required: NONE
User Interaction: NONE
Scope: UNCHANGED
Confidentiality Impact: HIGH
Integrity Impact: HIGH
Availability Impact: NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

AI Score: 6.8
Confidence: Low

EPSS: 0
Percentile: 9.0%

The does not validate a parameter before making a request to it, which could allow unauthenticated users to perform SSRF attacks.

Affected configurations

Node: cas, Range 1.0.0, wordpress

Vendor: *
Product: cas
Version: *
CPE: cpe:2.3:a:*:cas:*:*:*:*:*:wordpress:*:*

CNA Affected

[
  {
    "vendor": "Unknown",
    "product": "cas",
    "versions": [
      {
        "status": "affected",
        "versionType": "semver",
        "version": "0",
        "lessThanOrEqual": "1.0.0"
      }
    ],
    "defaultStatus": "affected"
  }
]
