Lucene search
GoogleOSV:CVE-2024-44677HistorySep 10, 2024 - 4:15 p.m.
CVE-2024-44677
2024-09-1016:15:20
Google
osv.dev
cve-2024-44677
server-side request forgery
arbitrary code execution
databasecontroller
software
CVSS3
9.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
AI Score
7.8
Confidence
High
eladmin v2.7 and before is vulnerable to Server-Side Request Forgery (SSRF) which allows an attacker to execute arbitrary code via the DatabaseController.java component.
Related
nvd
nvd
CVE-2024-44677
2024-09-10 16:15:20
cvelist
cvelist
CVE-2024-44677
2024-09-10 00:00:00
vulnrichment
vulnrichment
CVE-2024-44677
2024-09-10 00:00:00
cve
cve
CVE-2024-44677
2024-09-10 16:15:20
CVSS3
9.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
AI Score
7.8
Confidence
High
Related for OSV:CVE-2024-44677