Vulnerabilities > CVE-2019-6516 - Server-Side Request Forgery (SSRF) vulnerability in Wso2 Dashboard Server 2.0.0

CVSS 5.8 - MEDIUM

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

LOW

Integrity impact

NONE

Availability impact

NONE

network

low complexity

wso2

CWE-918

NVD

Published: 2019-05-14

Updated: 2019-05-14

Summary

An issue was discovered in WSO2 Dashboard Server 2.0.0. It is possible to force the application to perform requests to the internal workstation (port-scanning) and to perform requests to adjacent workstations (network-scanning), aka SSRF.

Vulnerable Configurations

Part	Description	Count
Application	Wso2 Wso2 Dashboard Server 2.0.0	1

Common Weakness Enumeration (CWE)

CWE-918 - Server-Side Request Forgery (SSRF)

References

https://www.excellium-services.com/cert-xlm-advisory
https://wso2.com/security-patch-releases/dashboard-server