PT-2021-17980 · Unknown · Eibport V3

Psytester

Published

2021-09-09

Updated

2021-09-20

CVE-2021-28910

CVSS v3.1

7.5

High

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Name of the Vulnerable Software and Affected Versions: eibPort V3 versions prior to 3.9.1

Description: The issue allows unauthenticated attackers to request any internal and external server due to a basic Server-Side Request Forgery (SSRF) vulnerability.

Recommendations: For versions prior to 3.9.1, update to version 3.9.1 or later to resolve the issue.

Fix

SSRF

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-918

Related Identifiers

CVE-2021-28910

Affected Products

Eibport V3

PT-2021-17980 · Unknown · Eibport V3

CVE-2021-28910

Weakness Enumeration

Related Identifiers

Affected Products

References · 4