123 matches found
CVE-2021-38132
Possible External Service Interaction attack in eDirectory has been discovered in OpenText™ eDirectory. This impact all version before 9.2.6.0000...
CVE-2021-38135
Possible External Service Interaction attack in iManager has been discovered in OpenText™ iManager 3.2.6.0000...
CVE-2023-43052
IBM Control Center 6.2.1 through 6.3.1 is vulnerable to an external service interaction attack, caused by improper validation of user-supplied input. A remote attacker could exploit this vulnerability to induce the application to perform server-side DNS lookups or HTTP requests to arbitrary domai...
CVE-2023-43052
IBM Control Center 6.2.1 through 6.3.1 is vulnerable to an external service interaction attack, caused by improper validation of user-supplied input. A remote attacker could exploit this vulnerability to induce the application to perform server-side DNS lookups or HTTP requests to arbitrary domai...
CVE-2023-43052
IBM Control Center versions 6.2.1–6.3.1 are affected by an External Service Interaction (DNS) vulnerability due to improper input validation. A remote attacker can induce server-side DNS lookups or HTTP requests to arbitrary domains, enabling the app server to contact other systems. The IBM Secur...
CVE-2023-43052 IBM Control Center external service interaction
IBM Control Center 6.2.1 through 6.3.1 is vulnerable to an external service interaction attack, caused by improper validation of user-supplied input. A remote attacker could exploit this vulnerability to induce the application to perform server-side DNS lookups or HTTP requests to arbitrary domai...
CVE-2023-43052 IBM Control Center external service interaction
IBM Control Center 6.2.1 through 6.3.1 is vulnerable to an external service interaction attack, caused by improper validation of user-supplied input. A remote attacker could exploit this vulnerability to induce the application to perform server-side DNS lookups or HTTP requests to arbitrary domai...
Security Bulletin: IBM Sterling Control Center is vulnerable to External Service Interaction (DNS)
Summary External Service Interaction DNS Vulnerability are impacting IBM Sterling control center v6.3.1 and v6.2.1 Vulnerability Details CVEID:CVE-2023-43052 DESCRIPTION: IBM Sterling Control Center is vulnerable to an external service interaction attack, caused by improper validation of...
BIT-GITLAB-2024-9870 Unintended Proxy or Intermediary ('Confused Deputy') in GitLab
An external service interaction vulnerability in GitLab EE affecting all versions from 15.11 prior to 17.6.5, 17.7 prior to 17.7.4, and 17.8 prior to 17.8.2 allows an attacker to send requests from the GitLab server to unintended services...
CVE-2024-9870
An external service interaction vulnerability in GitLab EE affecting all versions from 15.11 prior to 17.6.5, 17.7 prior to 17.7.4, and 17.8 prior to 17.8.2 allows an attacker to send requests from the GitLab server to unintended services...
Vulnerabilities fixed in GitLab CE/EE
GitLab has fixed vulnerabilities in GitLab CE/EE Specifically for versions 14.1 to 17.8.2. The vulnerabilities include a denial-of-service vulnerability, an external service interaction vulnerability, a critical XSS vulnerability, improper authorization vulnerabilities, an insecure direct object...
CVE-2024-9870
An external service interaction vulnerability in GitLab EE affecting all versions from 15.11 prior to 17.6.5, 17.7 prior to 17.7.4, and 17.8 prior to 17.8.2 allows an attacker to send requests from the GitLab server to unintended services...
UBUNTU-CVE-2024-9870
An external service interaction vulnerability in GitLab EE affecting all versions from 15.11 prior to 17.6.5, 17.7 prior to 17.7.4, and 17.8 prior to 17.8.2 allows an attacker to send requests from the GitLab server to unintended services...
CVE-2024-9870 Unintended Proxy or Intermediary ('Confused Deputy') in GitLab
An external service interaction vulnerability in GitLab EE affecting all versions from 15.11 prior to 17.6.5, 17.7 prior to 17.7.4, and 17.8 prior to 17.8.2 allows an attacker to send requests from the GitLab server to unintended services...
CVE-2024-9870 Unintended Proxy or Intermediary ('Confused Deputy') in GitLab
An external service interaction vulnerability in GitLab EE affecting all versions from 15.11 prior to 17.6.5, 17.7 prior to 17.7.4, and 17.8 prior to 17.8.2 allows an attacker to send requests from the GitLab server to unintended services...
CVE-2024-9870 Unintended Proxy or Intermediary ('Confused Deputy') in GitLab
An external service interaction vulnerability in GitLab EE affecting all versions from 15.11 prior to 17.6.5, 17.7 prior to 17.7.4, and 17.8 prior to 17.8.2 allows an attacker to send requests from the GitLab server to unintended services...
CVE-2024-9870
Removed by vendor...
PT-2025-6773 · Gitlab · Gitlab Ce/Ee
Name of the Vulnerable Software and Affected Versions: GitLab EE versions 15.11 through 17.6.4 GitLab EE versions 17.7 through 17.7.3 GitLab EE versions 17.8 through 17.8.1 Description: An external service interaction issue in GitLab EE allows an attacker to send requests from the GitLab server t...
GitLab Enterprise Edition 安全漏洞
GitLab Enterprise Edition EE is a content management system from GitLab, Inc. in the United States. A security vulnerability exists in GitLab Enterprise Edition that stems from an external service interaction that does not restrict the request target...
CVE-2021-38135
Possible External Service Interaction attack in iManager has been discovered in OpenText™ iManager 3.2.6.0000...