Arctic Security · Arctic Hub · CVE-2024-12867
**Name of the Vulnerable Software and Affected Versions**
Arctic Security's Arctic Hub versions 3.0.1764 through 5.6.1877
**Description**
A Server-Side Request Forgery issue exists in the URL Mapper of Arctic Security's Arctic Hub, allowing an unauthenticated remote attacker to exfiltrate and modify configurations and data.
**Recommendations**
For versions 3.0.1764 through 5.6.1877, consider disabling the URL Mapper feature until a patch is available to prevent exploitation.
At the moment, there is no information about a newer version that contains a fix for this vulnerability.