Lucene search
K

4 matches found

Circl
Circl
added 2023/08/22 10:18 p.m.7 views

CVE-2023-24515

creationtimestamp| type| source ---|---|--- 2023-08-22 22:18:01+00:00| seen| https://t.me/cibsecurity/68959...

6.5CVSS6.4AI score0.00427EPSS
Exploits0References1
Cvelist
Cvelist
added 2023/08/22 12:59 p.m.18 views

CVE-2023-24515 Server side request forgery in api checker

Server-Side Request Forgery SSRF vulnerability in API checker of Pandora FMS. Application does not have a check on the URL scheme used while retrieving API URL. Rather than validating the http/https scheme, the application allows other scheme such as file, which could allow a malicious user to...

5.2CVSS6.7AI score0.00427EPSS
Exploits0References2
CVE
CVE
added 2023/08/22 12:59 p.m.2500 views

CVE-2023-24515

The CVE-2023-24515 entry describes a Server-Side Request Forgery (SSRF) vulnerability in the API checker of Pandora FMS. The root cause is that the application does not validate the URL scheme when retrieving the API URL, allowing schemes such as file in addition to http/https. This could enable ...

6.5CVSS5.5AI score0.00427EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichment
added 2023/08/22 12:59 p.m.13 views

CVE-2023-24515 Server side request forgery in api checker

Server-Side Request Forgery SSRF vulnerability in API checker of Pandora FMS. Application does not have a check on the URL scheme used while retrieving API URL. Rather than validating the http/https scheme, the application allows other scheme such as file, which could allow a malicious user to...

5.2CVSS6.9AI score0.00427EPSS
Exploits0References2
Rows per page
Query Builder