Vulnerabilities > CVE-2019-18355 - Server-Side Request Forgery (SSRF) vulnerability in Thycotic Secret Server

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

PARTIAL

Integrity impact

PARTIAL

Availability impact

PARTIAL

network

low complexity

NVD

Published: 2019-10-23

Updated: 2019-10-30

Summary

An SSRF issue was discovered in the legacy Web launcher in Thycotic Secret Server before 10.7.

Part	Description	Count
Application	Thycotic Thycotic Secret Server 2.3 Thycotic Secret Server 8.6.000000 Thycotic Secret Server 8.6.000009 Thycotic Secret Server 8.6.000010 Thycotic Secret Server 8.7.000000 Thycotic Secret Server 8.8.000000 Thycotic Secret Server 8.8.000001 Thycotic Secret Server 8.8.000004 Thycotic Secret Server 10.2.000018 Thycotic Secret Server 10.3.000000	10