Vulnerabilities > CVE-2022-45027 - Server-Side Request Forgery (SSRF) vulnerability in Perfsonar

047910
CVSS 5.3 - MEDIUM
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
LOW
Integrity impact
NONE
Availability impact
NONE
network
low complexity
perfsonar
CWE-918

Summary

perfSONAR before 4.4.6, when performing participant discovery, incorrectly uses an HTTP request header value to determine a local address.

Common Weakness Enumeration (CWE)