1.1.48

CVSS 0.0 - NONE

Attack vector

UNKNOWN

Attack complexity

UNKNOWN

Privileges required

UNKNOWN

Confidentiality impact

UNKNOWN

Integrity impact

UNKNOWN

Availability impact

UNKNOWN

infoware

NVD

Published: 2014-12-01

Updated: 2024-11-21

Summary

Server-side request forgery (SSRF) vulnerability in the MapAPI in Infoware MapSuite before 1.0.36 and 1.1.x before 1.1.49 allows remote attackers to trigger requests to intranet servers via unspecified vectors.

Vulnerable Configurations

Part	Description	Count
Application	Infoware Infoware Mapsuite 1.0.35 Infoware Mapsuite 1.1.48	2

References

http://iw.mapandroute.de/MapAPI-1.0/releaseHistory.jsp
http://iw.mapandroute.de/MapAPI-1.0/releaseHistory.jsp
http://iw.mapandroute.de/MapAPI-1.1/releaseHistory.jsp
http://iw.mapandroute.de/MapAPI-1.1/releaseHistory.jsp
http://www.christian-schneider.net/advisories/CVE-2014-2233.txt
http://www.christian-schneider.net/advisories/CVE-2014-2233.txt