Vulnerabilities > CVE-2014-9302 - Remote Security vulnerability in Community Edition
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
NONE Integrity impact
PARTIAL Availability impact
NONE Summary
Server-side request forgery (SSRF) vulnerability in the cmisbrowser servlet in Content Management Interoperability Service (CMIS) in Alfresco Community Edition 5.0.a and earlier allows remote attackers to trigger outbound requests via a crafted URI in the url parameter. <a href="http://cwe.mitre.org/data/definitions/918.html">CWE-918: Server-Side Request Forgery (SSRF)</a>
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 1 |
Exploit-Db
description | Alfresco /cmisbrowser url Parameter Server Side Request Forgery (SSRF). CVE-2014-9302. Remote exploits for multiple platform |
id | EDB-ID:39259 |
last seen | 2016-02-04 |
modified | 2014-07-16 |
published | 2014-07-16 |
reporter | V. Paulikas |
source | https://www.exploit-db.com/download/39259/ |
title | Alfresco /cmisbrowser url Parameter Server Side Request Forgery SSRF |