How severe is CVE-2024-45843?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 5.4 out of 10.

What type of vulnerability is CVE-2024-45843?

This is classified as CWE-918, which is a common weakness in software security.

CVE-2024-45843

MEDIUM Year: 2024

CVSS v3 Score

5.4

Medium

Weakness Type

CWE-918

View all →

Vulnerability Description

Mattermost versions 9.5.x <= 9.5.8 fail to include the metadata endpoints of Oracle Cloud and Alibaba in the SSRF denylist, which allows an attacker to possibly cause an SSRF if Mattermost was deployed in Oracle Cloud or Alibaba.

CVE-2018-1000184

MEDIUM

CVSS:5.4(Medium)

A server-side request forgery vulnerability exists in Jenkins GitHub Plugin 1.29.0 and older in GitHubPluginConfig.java that allows attackers with Overall/Read access to cause Jenkins to send a GET re...

CWE-9182018

CVE-2018-1000188

MEDIUM

CVSS:5.4(Medium)

A server-side request forgery vulnerability exists in Jenkins CAS Plugin 1.4.1 and older in CasSecurityRealm.java that allows attackers with Overall/Read access to cause Jenkins to send a GET request ...

CWE-9182018

CVE-2018-13103

MEDIUM

CVSS:5.4(Medium)

OX App Suite 7.8.4 and earlier allows SSRF.

CWE-9182018

CVE-2019-14225

MEDIUM

CVSS:5.4(Medium)

OX App Suite 7.10.1 and 7.10.2 allows SSRF.

CWE-9182019

CVE-2020-24700

MEDIUM

CVSS:5.4(Medium)

OX App Suite through 7.10.3 allows SSRF because GET requests are sent to arbitrary domain names with an initial autoconfig. substring.

CWE-9182020

CVE-2020-4786

MEDIUM

CVSS:5.4(Medium)

IBM QRadar SIEM 7.4.2 GA to 7.4.2 Patch 1, 7.4.0 to 7.4.1 Patch 1, and 7.3.0 to 7.3.3 Patch 5 is vulnerable to server side request forgery (SSRF). This may allow an authenticated attacker to send unau...

CWE-9182020

CVE-2024-45843

Vulnerability Description

Related Vulnerabilities

CVE-2018-1000184

CVE-2018-1000188

CVE-2018-13103

CVE-2019-14225

CVE-2020-24700

CVE-2020-4786