Lucene search
K

6 matches found

RedhatCVE
RedhatCVE
added 2025/03/29 3:28 p.m.18 views

CVE-2024-48944

Server-Side Request Forgery SSRF vulnerability in Apache Kylin. Through a kylin server, an attacker may forge a request to invoke "/kylin/api/xxx/diag" api on another internal host and possibly get leaked information. There are two preconditions: 1 The attacker has got admin access to a kylin...

6.5CVSS7.3AI score0.00577EPSS
Exploits0References1
NVD
NVD
added 2025/03/27 3:15 p.m.22 views

CVE-2024-48944

Server-Side Request Forgery SSRF vulnerability in Apache Kylin. Through a kylin server, an attacker may forge a request to invoke "/kylin/api/xxx/diag" api on another internal host and possibly get leaked information. There are two preconditions: 1 The attacker has got admin access to a kylin...

6.5CVSS0.00577EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/03/27 3:5 p.m.22 views

CVE-2024-48944 Apache Kylin: SSRF vulnerability in the diagnosis api

Server-Side Request Forgery SSRF vulnerability in Apache Kylin. Through a kylin server, an attacker may forge a request to invoke "/kylin/api/xxx/diag" api on another internal host and possibly get leaked information. There are two preconditions: 1 The attacker has got admin access to a kylin...

0.00577EPSS
Exploits0References1
OSV
OSV
added 2025/03/27 3:5 p.m.7 views

CVE-2024-48944 Apache Kylin: SSRF vulnerability in the diagnosis api

Server-Side Request Forgery SSRF vulnerability in Apache Kylin. Through a kylin server, an attacker may forge a request to invoke "/kylin/api/xxx/diag" api on another internal host and possibly get leaked information. There are two preconditions: 1 The attacker has got admin access to a kylin...

6.5CVSS6.6AI score0.00577EPSS
Exploits0References5
CVE
CVE
added 2025/03/27 3:5 p.m.77 views

CVE-2024-48944

Apache Kylin is affected by a Server-Side Request Forgery (SSRF) in the /kylin/api/xxx/diag endpoint. The issue requires two preconditions: the attacker has admin access to a Kylin server and a second internal host exposes the /kylin/api/xxx/diag API, allowing forging requests to internal service...

6.5CVSS6.7AI score0.00577EPSS
Exploits0References2Affected Software1
Circl
Circl
added 2025/03/27 2:3 a.m.11 views

CVE-2024-48944

creationtimestamp| type| source ---|---|--- 2025-03-27 02:03:49+00:00| seen| https://bsky.app/profile/infosec.skyfleet.blue/post/3lld7ipbs3y2k 2025-03-27 16:27:05+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/9139...

6.5CVSS4.8AI score0.00577EPSS
Exploits0References2
Rows per page
Query Builder