CVE-2023-52331

HIGH Year: 2023
CVSS v3 Score
7.1
High
Weakness Type
CWE-918
View all →

Vulnerability Description

A post-authenticated server-side request forgery (SSRF) vulnerability in Trend Micro Apex Central could allow an attacker to interact with internal or local services directly. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.

Related Vulnerabilities

CVE-2020-14296

HIGH
CVSS:7.1(High)

Red Hat CloudForms 4.7 and 5 was vulnerable to Server-Side Request Forgery (SSRF) flaw. With the access to add Ansible Tower provider, an attacker could scan and attack systems from the internal netwo...

CWE-9182020

CVE-2021-31828

HIGH
CVSS:7.1(High)

An SSRF issue in Open Distro for Elasticsearch (ODFE) before 1.13.1.0 allows an existing privileged user to enumerate listening services or interact with configured resources via HTTP requests exceedi...

CWE-9182021

CVE-2022-21697

HIGH
CVSS:7.1(High)

Jupyter Server Proxy is a Jupyter notebook server extension to proxy web services. Versions of Jupyter Server Proxy prior to 3.2.1 are vulnerable to Server-Side Request Forgery (SSRF). Any user deploy...

CWE-9182022

CVE-2022-2756

HIGH
CVSS:7.1(High)

Server-Side Request Forgery (SSRF) in GitHub repository kareadita/kavita prior to 0.5.4.1.

CWE-9182022

CVE-2022-44729

HIGH
CVSS:7.1(High)

Server-Side Request Forgery (SSRF) vulnerability in Apache Software Foundation Apache XML Graphics Batik.This issue affects Apache XML Graphics Batik: 1.16. On version 1.16, a malicious SVG could trig...

CWE-9182022

CVE-2023-34370

HIGH
CVSS:7.1(High)

Server-Side Request Forgery (SSRF) vulnerability in Brainstorm Force Starter Templates — Elementor, WordPress & Beaver Builder Templates, Brainstorm Force Premium Starter Templates.This issue affects ...

CWE-9182023