Vulnerabilities > CVE-2021-42079 - Server-Side Request Forgery (SSRF) vulnerability in Osnexus Quantastor 4.3.0

047910
CVSS 4.9 - MEDIUM
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
HIGH
Confidentiality impact
HIGH
Integrity impact
NONE
Availability impact
NONE
network
low complexity
osnexus
CWE-918
NVD
Published: 2023-07-10
Updated: 2023-07-14

Summary

An authenticated administrator is able to prepare an alert that is able to execute an SSRF attack. This is exclusively with POST requests.

Vulnerable Configurations

Part Description Count
Application
Osnexus
1

Common Weakness Enumeration (CWE)

References