Vulnerabilities > CVE-2019-7652 - Server-Side Request Forgery (SSRF) vulnerability in Thehive-Project Cortex-Analyzers

047910
CVSS 4.0 - MEDIUM
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
SINGLE
Confidentiality impact
PARTIAL
Integrity impact
NONE
Availability impact
NONE
network
low complexity
thehive-project
CWE-918
exploit available

Summary

TheHive Project UnshortenLink analyzer before 1.1, included in Cortex-Analyzers before 1.15.2, has SSRF. To exploit the vulnerability, an attacker must create a new analysis, select URL for Data Type, and provide an SSRF payload like "http://127.0.0.1:22" in the Data parameter. The result can be seen in the main dashboard. Thus, it is possible to do port scans on localhost and intranet hosts.

Vulnerable Configurations

Part Description Count
Application
Thehive-Project
49

Common Weakness Enumeration (CWE)

Exploit-Db

idEDB-ID:46820
last seen2019-05-10
modified2019-05-10
published2019-05-10
reporterExploit-DB
sourcehttps://www.exploit-db.com/download/46820
titleTheHive Project Cortex < 1.15.2 - Server-Side Request Forgery

Packetstorm

data sourcehttps://packetstormsecurity.com/files/download/152804/thehivepc-ssrf.txt
idPACKETSTORM:152804
last seen2019-05-11
published2019-05-10
reporterAlexandre Basquin
sourcehttps://packetstormsecurity.com/files/152804/TheHive-Project-Cortex-2.1.3-Server-Side-Request-Forgery.html
titleTheHive Project Cortex 2.1.3 Server Side Request Forgery