Vulnerabilities > CVE-2019-15494 - Server-Side Request Forgery (SSRF) vulnerability in It-Novum Openitcockpit

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

PARTIAL

Integrity impact

PARTIAL

Availability impact

PARTIAL

network

low complexity

NVD

Published: 2019-08-23

Updated: 2019-08-26

Summary

openITCOCKPIT before 3.7.1 allows SSRF, aka RVID 5-445b21.

Part	Description	Count
Application	It-Novum IT Novum Openitcockpit 3.0.4 IT Novum Openitcockpit 3.0.5 IT Novum Openitcockpit 3.0.6-1 IT Novum Openitcockpit 3.0.6-2 IT Novum Openitcockpit 3.0.7 IT Novum Openitcockpit 3.0.8 IT Novum Openitcockpit 3.0.8-2 IT Novum Openitcockpit 3.0.8-3 IT Novum Openitcockpit 3.0.9 IT Novum Openitcockpit 3.0.10 IT Novum Openitcockpit 3.0.10-4 IT Novum Openitcockpit 3.0.10-5 IT Novum Openitcockpit 3.0.10-6 IT Novum Openitcockpit 3.0.10-8 IT Novum Openitcockpit 3.0.10-10 IT Novum Openitcockpit 3.0.10-12 IT Novum Openitcockpit 3.0.10-13 IT Novum Openitcockpit 3.0.10-14 IT Novum Openitcockpit 3.0.10-15 IT Novum Openitcockpit 3.0.10-16 IT Novum Openitcockpit 3.0.11 IT Novum Openitcockpit 3.0.11-3 IT Novum Openitcockpit 3.0.11-4 IT Novum Openitcockpit 3.0.11-6 IT Novum Openitcockpit 3.0.11-7 IT Novum Openitcockpit 3.0.11-8 IT Novum Openitcockpit 3.1.0 IT Novum Openitcockpit 3.1.1 IT Novum Openitcockpit 3.1.5 IT Novum Openitcockpit 3.2.0 IT Novum Openitcockpit 3.3.0 IT Novum Openitcockpit 3.3.0-3 IT Novum Openitcockpit 3.4.2 IT Novum Openitcockpit 3.4.3 IT Novum Openitcockpit 3.5.0 IT Novum Openitcockpit 3.6.0 IT Novum Openitcockpit 3.6.1 IT Novum Openitcockpit 3.6.1.2	38