Vulnerabilities > CVE-2014-2233 - Cross-Site Request Forgery vulnerability in MapSuite MapAPI

047910
CVSS 5.0 - MEDIUM
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
NONE
Integrity impact
PARTIAL
Availability impact
NONE
network
low complexity
infoware

Summary

Server-side request forgery (SSRF) vulnerability in the MapAPI in Infoware MapSuite before 1.0.36 and 1.1.x before 1.1.49 allows remote attackers to trigger requests to intranet servers via unspecified vectors. <a href="http://cwe.mitre.org/data/definitions/918.html">CWE-918: Server-Side Request Forgery (SSRF)</a>

Vulnerable Configurations

Part Description Count
Application
Infoware
2