Vulnerabilities > Server-Side Request Forgery (SSRF)
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-01-23 | CVE-2021-43449 | Server-Side Request Forgery (SSRF) vulnerability in Onlyoffice Server 7.0.0.49 ONLYOFFICE all versions as of 2021-11-08 is vulnerable to Server-Side Request Forgery (SSRF). | 8.1 |
| 2023-01-20 | CVE-2021-37498 | Server-Side Request Forgery (SSRF) vulnerability in Reprisesoftware Reprise License Manager An SSRF issue was discovered in Reprise License Manager (RLM) web interface through 14.2BL4 that allows remote attackers to trigger outbound requests to intranet servers, conduct port scans via the actserver parameter in License Activation function. | 6.5 |
| 2023-01-20 | CVE-2023-20002 | Server-Side Request Forgery (SSRF) vulnerability in Cisco Roomos and Telepresence Collaboration Endpoint A vulnerability in Cisco TelePresence CE and RoomOS Software could allow an authenticated, local attacker to bypass access controls and conduct an SSRF attack through an affected device. This vulnerability is due to improper validation of user-supplied input. | 4.4 |
| 2023-01-18 | CVE-2022-45926 | Server-Side Request Forgery (SSRF) vulnerability in Opentext Extended ECM An issue was discovered in OpenText Content Suite Platform 22.1 (16.2.19.1803). | 8.8 |
| 2023-01-13 | CVE-2022-3841 | Server-Side Request Forgery (SSRF) vulnerability in Redhat Advanced Cluster Management for Kubernetes 2.0 RHACM: unauthenticated SSRF in console API endpoint. | 7.8 |
| 2023-01-12 | CVE-2022-25026 | Server-Side Request Forgery (SSRF) vulnerability in Rocketsoftware Trufusion Enterprise A Server-Side Request Forgery (SSRF) in Rocket TRUfusion Portal v7.9.2.1 allows remote attackers to gain access to sensitive resources on the internal network via a crafted HTTP request to /trufusionPortal/upDwModuleProxy. | 7.5 |
| 2023-01-01 | CVE-2022-45027 | Server-Side Request Forgery (SSRF) vulnerability in Perfsonar perfSONAR before 4.4.6, when performing participant discovery, incorrectly uses an HTTP request header value to determine a local address. | 5.3 |
| 2022-12-29 | CVE-2022-38203 | Server-Side Request Forgery (SSRF) vulnerability in Esri Portal for Arcgis Protections against potential Server-Side Request Forgery (SSRF) vulnerabilities in Esri Portal for ArcGIS versions 10.8.1 and below were not fully honored and may allow a remote, unauthenticated attacker to forge requests to arbitrary URLs from the system, potentially leading to network enumeration or reading from hosts inside the network perimeter, a different issue than CVE-2022-38211 and CVE-2022-38212. | 7.5 |
| 2022-12-28 | CVE-2022-23544 | Server-Side Request Forgery (SSRF) vulnerability in Metersphere MeterSphere is a one-stop open source continuous testing platform, covering test management, interface testing, UI testing and performance testing. | 6.1 |
| 2022-12-27 | CVE-2022-45429 | Server-Side Request Forgery (SSRF) vulnerability in Dahuasecurity products Some Dahua software products have a vulnerability of server-side request forgery (SSRF). | 7.5 |