Vulnerabilities > CVE-2020-13788 - Server-Side Request Forgery (SSRF) vulnerability in Linuxfoundation Harbor

047910
CVSS 4.0 - MEDIUM
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
SINGLE
Confidentiality impact
PARTIAL
Integrity impact
NONE
Availability impact
NONE
network
low complexity
linuxfoundation
CWE-918
NVD
Published: 2020-07-15
Updated: 2020-07-22

Summary

Harbor prior to 2.0.1 allows SSRF with this limitation: an attacker with the ability to edit projects can scan ports of hosts accessible on the Harbor server's intranet.

Vulnerable Configurations

Part Description Count
Application
Linuxfoundation
110

Common Weakness Enumeration (CWE)

References