Lucene search
GoogleOSV:GHSA-FFXG-5F8M-H72JHistoryAug 05, 2024 - 6:30 a.m.
Rocket.Chat Server-Side Request Forgery (SSRF) vulnerability
2024-08-0506:30:36
Google
osv.dev
6
rocket.chat
ssrf
twilio
vulnerability
CVSS3
8.6
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N
AI Score
7
Confidence
High
EPSS
0.001
Percentile
37.7%
A Server-Side Request Forgery (SSRF) affects Rocket.Chat’s Twilio webhook endpoint before version 6.10.1.
Related
nvd
nvd
CVE-2024-39713
2024-08-05 05:15:39
nessus
nessus
Rocket.Chat < 6.10.1 Server-Side Request Forgery
2024-08-09 00:00:00
github
github
Rocket.Chat Server-Side Request Forgery (SSRF) vulnerability
2024-08-05 06:30:36
osv
osv
CVE-2024-39713
2024-08-05 05:15:39
cve
cve
CVE-2024-39713
2024-08-05 05:15:39
hackerone
hackerone
Rocket.Chat: Unauthenticated full-read SSRF via Twilio integration
2023-02-25 06:06:46
vulnrichment
vulnrichment
CVE-2024-39713
2024-08-05 04:26:06
cvelist
cvelist
CVE-2024-39713
2024-08-05 04:26:06
CVSS3
8.6
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N
AI Score
7
Confidence
High
EPSS
0.001
Percentile
37.7%
Related for OSV:GHSA-FFXG-5F8M-H72J