Vulnerabilities > CVE-2021-41385 - Server-Side Request Forgery (SSRF) vulnerability in Securonix Snypr 6.3.1

CVSS 4.0 - MEDIUM

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

SINGLE

Confidentiality impact

PARTIAL

Integrity impact

NONE

Availability impact

NONE

network

low complexity

securonix

CWE-918

NVD

Published: 2021-09-27

Updated: 2021-10-05

Summary

The third party intelligence connector in Securonix SNYPR 6.3.1 Build 184295_0302 allows an authenticated user to obtain access to server configuration details via SSRF.

Vulnerable Configurations

Part	Description	Count
Application	Securonix Securonix Snypr 6.3.1	1

Common Weakness Enumeration (CWE)

CWE-918 - Server-Side Request Forgery (SSRF)

References

https://documentation.securonix.com/onlinedoc/Content/Product%20Security/Content/Product%20Security/Authenticated%20SSRF%20in%20TPI.htm