6.9 Medium
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
42.6%
The external_request api call in App Studio (millicore) allows server side request forgery (SSRF). An attacker could use this flaw to probe the network internal resources, and access restricted endpoints.
access.redhat.com/errata/RHSA-2017:2674
access.redhat.com/errata/RHSA-2017:2675
bugzilla.redhat.com/show_bug.cgi?id=1478792