CVE-2024-2827

MEDIUM Year: 2024
CVSS v3 Score
6.3
Medium
CVSS v2 Score
6.5
Medium
Weakness Type
CWE-918
View all →

Vulnerability Description

A vulnerability, which was classified as critical, has been found in lakernote EasyAdmin up to 20240315. This issue affects some unknown processing of the file /ureport/designer/saveReportFile. The manipulation leads to server-side request forgery. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-257717 was assigned to this vulnerability.

Related Vulnerabilities

CVE-2017-7553

MEDIUM
CVSS:6.3(Medium)

The external_request api call in App Studio (millicore) allows server side request forgery (SSRF). An attacker could use this flaw to probe the network internal resources, and access restricted endpoi...

CWE-9182017

CVE-2020-11980

MEDIUM
CVSS:6.3(Medium)

In Karaf, JMX authentication takes place using JAAS and authorization takes place using ACL files. By default, only an "admin" can actually invoke on an MBean. However there is a vulnerability there f...

CWE-9182020

CVE-2020-4294

MEDIUM
CVSS:6.3(Medium)

IBM QRadar 7.3.0 to 7.3.3 Patch 2 is vulnerable to Server Side Request Forgery (SSRF). This may allow an authenticated attacker to send unauthorized requests from the system, potentially leading to ne...

CWE-9182020

CVE-2020-4974

MEDIUM
CVSS:6.3(Medium)

IBM Jazz Foundation products are vulnerable to server side request forgery (SSRF). This may allow an authenticated attacker to send unauthorized requests from the system, potentially leading to networ...

CWE-9182020

CVE-2020-8555

MEDIUM
CVSS:6.3(Medium)

The Kubernetes kube-controller-manager in versions v1.0-1.14, versions prior to v1.15.12, v1.16.9, v1.17.5, and version v1.18.0 are vulnerable to a Server Side Request Forgery (SSRF) that allows certa...

CWE-9182020

CVE-2021-3758

MEDIUM
CVSS:6.3(Medium)

bookstack is vulnerable to Server-Side Request Forgery (SSRF)

CWE-9182021