Vulnerabilities > CVE-2024-22217 - Server-Side Request Forgery (SSRF) vulnerability in Terminalfour

CVSS 6.5 - MEDIUM

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

LOW

Confidentiality impact

HIGH

Integrity impact

NONE

Availability impact

NONE

network

low complexity

terminalfour

CWE-918

NVD

Published: 2024-08-15

Updated: 2024-09-11

Summary

A Server-Side Request Forgery (SSRF) vulnerability in Terminalfour before 8.3.19 allows authenticated users to use specific features to access internal services including sensitive information on the server that Terminalfour runs on.

Vulnerable Configurations

Part	Description	Count
Application	Terminalfour Terminalfour Terminalfour 7.4.0004 Terminalfour Terminalfour 8.2.0 Terminalfour Terminalfour 8.2.18.2.1 Terminalfour Terminalfour 8.2.18.2.3 Terminalfour Terminalfour 8.2.18.3 Terminalfour Terminalfour 8.2.18.4 Terminalfour Terminalfour 8.2.18.5 Terminalfour Terminalfour 8.2.18.8 Terminalfour Terminalfour 8.3.0 Terminalfour Terminalfour 8.3.8 Terminalfour Terminalfour 8.3.11.2 Terminalfour Terminalfour 8.3.14.2 Terminalfour Terminalfour 8.3.16	13

Common Weakness Enumeration (CWE)

CWE-918 - Server-Side Request Forgery (SSRF)

Summary

Vulnerable Configurations

Common Weakness Enumeration (CWE)

References