PT-2019-18683 · Thehive · Cortex-Analyzers+1

Alexandre Basquin

·

Publicado

2019-05-09

·

Atualizado

2019-05-13

·

CVE-2019-7652

CVSS v3.1

7.7

Alta

VetorAV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N
Name of the Vulnerable Software and Affected Versions TheHive Project UnshortenLink analyzer versions prior to 1.1 Cortex-Analyzers versions prior to 1.15.2
Description The issue allows for Server-Side Request Forgery (SSRF) attacks. An attacker can exploit this by creating a new analysis, selecting URL for Data Type, and providing an SSRF payload in the Data parameter, such as "http://127.0.0.1:22". The result of the attack can be seen in the main dashboard, enabling potential port scans on localhost and intranet hosts.
Recommendations For TheHive Project UnshortenLink analyzer versions prior to 1.1, update to version 1.1 or later. For Cortex-Analyzers versions prior to 1.15.2, update to version 1.15.2 or later.

Exploit

Correção

SSRF

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-918

Identificadores relacionados

CVE-2019-7652

Produtos afetados

Cortex-Analyzers
Thehive Project Unshortenlink Analyzer