Lucene search
K

123 matches found

RedhatCVE
RedhatCVE
added 2025/05/22 6:10 p.m.7 views

CVE-2021-38132

Possible External Service Interaction attack in eDirectory has been discovered in OpenText™ eDirectory. This impact all version before 9.2.6.0000...

9.8CVSS7AI score0.00396EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/22 6:9 p.m.8 views

CVE-2021-38135

Possible External Service Interaction attack in iManager has been discovered in OpenText™ iManager 3.2.6.0000...

9.8CVSS7AI score0.00443EPSS
Exploits0
OSV
OSV
added 2025/03/07 5:15 p.m.2 views

CVE-2023-43052

IBM Control Center 6.2.1 through 6.3.1 is vulnerable to an external service interaction attack, caused by improper validation of user-supplied input. A remote attacker could exploit this vulnerability to induce the application to perform server-side DNS lookups or HTTP requests to arbitrary domai...

5.3CVSS5.9AI score
Exploits0References1
NVD
NVD
added 2025/03/07 5:15 p.m.15 views

CVE-2023-43052

IBM Control Center 6.2.1 through 6.3.1 is vulnerable to an external service interaction attack, caused by improper validation of user-supplied input. A remote attacker could exploit this vulnerability to induce the application to perform server-side DNS lookups or HTTP requests to arbitrary domai...

5.3CVSS0.00338EPSS
Exploits0References1
CVE
CVE
added 2025/03/07 4:55 p.m.51 views

CVE-2023-43052

IBM Control Center versions 6.2.1–6.3.1 are affected by an External Service Interaction (DNS) vulnerability due to improper input validation. A remote attacker can induce server-side DNS lookups or HTTP requests to arbitrary domains, enabling the app server to contact other systems. The IBM Secur...

5.3CVSS7AI score0.00338EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2025/03/07 4:55 p.m.16 views

CVE-2023-43052 IBM Control Center external service interaction

IBM Control Center 6.2.1 through 6.3.1 is vulnerable to an external service interaction attack, caused by improper validation of user-supplied input. A remote attacker could exploit this vulnerability to induce the application to perform server-side DNS lookups or HTTP requests to arbitrary domai...

5.3CVSS7AI score0.00338EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/03/07 4:55 p.m.18 views

CVE-2023-43052 IBM Control Center external service interaction

IBM Control Center 6.2.1 through 6.3.1 is vulnerable to an external service interaction attack, caused by improper validation of user-supplied input. A remote attacker could exploit this vulnerability to induce the application to perform server-side DNS lookups or HTTP requests to arbitrary domai...

5.3CVSS0.00338EPSS
Exploits0References1
IBM Security Bulletins
IBM Security Bulletins
added 2025/03/07 4:44 p.m.11 views

Security Bulletin: IBM Sterling Control Center is vulnerable to External Service Interaction (DNS)

Summary External Service Interaction DNS Vulnerability are impacting IBM Sterling control center v6.3.1 and v6.2.1 Vulnerability Details CVEID:CVE-2023-43052 DESCRIPTION: IBM Sterling Control Center is vulnerable to an external service interaction attack, caused by improper validation of...

5.3CVSS6.9AI score0.00338EPSS
Exploits0Affected Software1
OSV
OSV
added 2025/02/17 7:11 p.m.7 views

BIT-GITLAB-2024-9870 Unintended Proxy or Intermediary ('Confused Deputy') in GitLab

An external service interaction vulnerability in GitLab EE affecting all versions from 15.11 prior to 17.6.5, 17.7 prior to 17.7.4, and 17.8 prior to 17.8.2 allows an attacker to send requests from the GitLab server to unintended services...

8.8CVSS4.4AI score0.00366EPSS
Exploits1References3
RedhatCVE
RedhatCVE
added 2025/02/14 3:38 p.m.9 views

CVE-2024-9870

An external service interaction vulnerability in GitLab EE affecting all versions from 15.11 prior to 17.6.5, 17.7 prior to 17.7.4, and 17.8 prior to 17.8.2 allows an attacker to send requests from the GitLab server to unintended services...

8.8CVSS6.2AI score0.00366EPSS
Exploits1References1
NCSC
NCSC
added 2025/02/13 9:9 a.m.8 views

Vulnerabilities fixed in GitLab CE/EE

GitLab has fixed vulnerabilities in GitLab CE/EE Specifically for versions 14.1 to 17.8.2. The vulnerabilities include a denial-of-service vulnerability, an external service interaction vulnerability, a critical XSS vulnerability, improper authorization vulnerabilities, an insecure direct object...

8.8CVSS6.2AI score0.00473EPSS
Exploits4References1
NVD
NVD
added 2025/02/12 4:15 p.m.13 views

CVE-2024-9870

An external service interaction vulnerability in GitLab EE affecting all versions from 15.11 prior to 17.6.5, 17.7 prior to 17.7.4, and 17.8 prior to 17.8.2 allows an attacker to send requests from the GitLab server to unintended services...

8.8CVSS0.00366EPSS
Exploits1References2
OSV
OSV
added 2025/02/12 4:15 p.m.5 views

UBUNTU-CVE-2024-9870

An external service interaction vulnerability in GitLab EE affecting all versions from 15.11 prior to 17.6.5, 17.7 prior to 17.7.4, and 17.8 prior to 17.8.2 allows an attacker to send requests from the GitLab server to unintended services...

8.8CVSS5.8AI score0.00366EPSS
Exploits1References4
Cvelist
Cvelist
added 2025/02/12 3:31 p.m.17 views

CVE-2024-9870 Unintended Proxy or Intermediary ('Confused Deputy') in GitLab

An external service interaction vulnerability in GitLab EE affecting all versions from 15.11 prior to 17.6.5, 17.7 prior to 17.7.4, and 17.8 prior to 17.8.2 allows an attacker to send requests from the GitLab server to unintended services...

4.3CVSS0.00366EPSS
Exploits1References2
Vulnrichment
Vulnrichment
added 2025/02/12 3:31 p.m.10 views

CVE-2024-9870 Unintended Proxy or Intermediary ('Confused Deputy') in GitLab

An external service interaction vulnerability in GitLab EE affecting all versions from 15.11 prior to 17.6.5, 17.7 prior to 17.7.4, and 17.8 prior to 17.8.2 allows an attacker to send requests from the GitLab server to unintended services...

4.3CVSS4.3AI score0.00366EPSS
Exploits1References2
OSV
OSV
added 2025/02/12 3:31 p.m.3 views

CVE-2024-9870 Unintended Proxy or Intermediary ('Confused Deputy') in GitLab

An external service interaction vulnerability in GitLab EE affecting all versions from 15.11 prior to 17.6.5, 17.7 prior to 17.7.4, and 17.8 prior to 17.8.2 allows an attacker to send requests from the GitLab server to unintended services...

4.3CVSS6.4AI score0.00366EPSS
Exploits1References5
Debian CVE
Debian CVE
added 2025/02/12 3:31 p.m.6 views

CVE-2024-9870

Removed by vendor...

8.8CVSS5.8AI score0.00366EPSS
Exploits1
Positive Technologies
Positive Technologies
added 2025/02/12 12:0 a.m.1 views

PT-2025-6773 · Gitlab · Gitlab Ce/Ee

Name of the Vulnerable Software and Affected Versions: GitLab EE versions 15.11 through 17.6.4 GitLab EE versions 17.7 through 17.7.3 GitLab EE versions 17.8 through 17.8.1 Description: An external service interaction issue in GitLab EE allows an attacker to send requests from the GitLab server t...

8.8CVSS6.5AI score0.00366EPSS
Exploits1References11
CNNVD
CNNVD
added 2025/02/12 12:0 a.m.5 views

GitLab Enterprise Edition 安全漏洞

GitLab Enterprise Edition EE is a content management system from GitLab, Inc. in the United States. A security vulnerability exists in GitLab Enterprise Edition that stems from an external service interaction that does not restrict the request target...

8.8CVSS6.5AI score0.00366EPSS
Exploits1References2
OSV
OSV
added 2024/11/22 4:15 p.m.3 views

CVE-2021-38135

Possible External Service Interaction attack in iManager has been discovered in OpenText™ iManager 3.2.6.0000...

9.8CVSS5.7AI score0.00443EPSS
Exploits0References1
Rows per page
Query Builder