Vulnerabilities > CVE-2019-15021 - Server-Side Request Forgery (SSRF) vulnerability in Zingbox Inspector

CVSS 5.0 - MEDIUM

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

PARTIAL

Integrity impact

NONE

Availability impact

NONE

network

low complexity

zingbox

CWE-918

NVD

Published: 2019-10-09

Updated: 2022-01-01

Summary

A security vulnerability exists in the Zingbox Inspector versions 1.294 and earlier, that can allow an attacker to easily identify instances of Zingbox Inspectors in a local area network.

Vulnerable Configurations

Part	Description	Count
Application	Zingbox Zingbox Inspector - Zingbox Inspector 1.280 Zingbox Inspector 1.281 Zingbox Inspector 1.286 Zingbox Inspector 1.287 Zingbox Inspector 1.288 Zingbox Inspector 1.293 Zingbox Inspector 1.294	8

Common Weakness Enumeration (CWE)

CWE-918 - Server-Side Request Forgery (SSRF)

References

https://security.paloaltonetworks.com/CVE-2019-15021