Lucene search

[email protected]NVD:CVE-2024-22648

HistoryJan 30, 2024 - 7:15 a.m.

CVE-2024-22648

2024-01-3007:15:08

CWE-918

[email protected]

web.nvd.nist.gov

cve-2024-22648

ssrf

seo panel

remote attackers

port scanning

CVSS3

5.3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

AI Score

5.2

Confidence

High

EPSS

0.001

Percentile

33.5%

JSON

A Blind SSRF vulnerability exists in the “Crawl Meta Data” functionality of SEO Panel version 4.10.0. This makes it possible for remote attackers to scan ports in the local environment.

Affected configurations

Nvd

Node

seopanelseo_panelMatch4.10.0

VendorProductVersionCPE
seopanelseo_panel4.10.0cpe:2.3:a:seopanel:seo_panel:4.10.0:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
seopanel	seo_panel	4.10.0	cpe:2.3:a:seopanel:seo_panel:4.10.0:::::::*

References

github.com/cassis-sec/CVE/tree/main/2024/CVE-2024-22648

CVSS3

5.3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

AI Score

5.2

Confidence

High

EPSS

0.001

Percentile

33.5%

JSON

Related for NVD:CVE-2024-22648

cve1 cvelist1 osv2 prion1