Lucene search
Veracode Vulnerability DatabaseVERACODE:6065HistoryApr 09, 2018 - 3:41 a.m.
Sever Side Request Forgery (SSRF)
2018-04-0903:41:25
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
12
0.007 Low
EPSS
Percentile
79.9%
aheinze/cockpit is vulnerable to server side request forgery (SSRF) attacks. The attack is possible because it through the window.fetch_url_contents function, allowing a malicious user to read arbitrary files, scan network ports, carry out information detection and internal network server attacks.
| CPE | Name | Operator | Version |
|---|---|---|---|
| aheinze/cockpit | le | 0.13.0 |
Related
zdt
zdt
Cockpit CMS 0.13.0 Server Side Request Forgery Vulnerability
2018-04-08 00:00:00
prion
prion
Server side request forgery (ssrf)
2018-04-10 15:29:00
Server side request forgery (ssrf)
2018-05-02 15:29:00
packetstorm
packetstorm
Cockpit CMS 0.13.0 Server Side Request Forgery
2018-04-06 00:00:00
Cockpit CMS 0.5.5 Server-Side Request Forgery
2018-04-28 00:00:00
nvd
nvd
CVE-2017-14611
2018-04-10 15:29:01
CVE-2018-9302
2018-05-02 15:29:01
cve
cve
CVE-2017-14611
2018-04-10 15:29:01
CVE-2018-9302
2018-05-02 15:29:01
cvelist
cvelist
CVE-2017-14611
2018-04-10 15:00:00
CVE-2018-9302
2018-05-02 15:00:00
exploitpack
exploitpack
Cockpit CMS 0.4.4 0.5.5 - Server-Side Request Forgery
2018-05-02 00:00:00
exploitdb
exploitdb
Cockpit CMS 0.4.4 < 0.5.5 - Server-Side Request Forgery
2018-05-02 00:00:00