Vulnerabilities > Server-Side Request Forgery (SSRF)
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-08-05 | CVE-2021-32603 | Server-Side Request Forgery (SSRF) vulnerability in Fortinet Fortianalyzer and Fortimanager A server-side request forgery (SSRF) (CWE-918) vulnerability in FortiManager and FortiAnalyser GUI 7.0.0, 6.4.5 and below, 6.2.7 and below, 6.0.11 and below, 5.6.11 and below may allow a remote and authenticated attacker to access unauthorized files and services on the system via specifically crafted web requests. | 6.5 |
| 2021-07-30 | CVE-2021-20788 | Server-Side Request Forgery (SSRF) vulnerability in Groupsession products Server-side request forgery (SSRF) vulnerability in GroupSession (GroupSession Free edition from ver2.2.0 to the version prior to ver5.1.0, GroupSession byCloud from ver3.0.3 to the version prior to ver5.1.0, and GroupSession ZION from ver3.0.3 to the version prior to ver5.1.0) allows a remote authenticated attacker to conduct a port scan from the product and/or obtain information from the internal Web server. | 4.3 |
| 2021-07-28 | CVE-2020-4974 | Server-Side Request Forgery (SSRF) vulnerability in IBM products IBM Jazz Foundation products are vulnerable to server side request forgery (SSRF). | 6.3 |
| 2021-07-22 | CVE-2021-26699 | Server-Side Request Forgery (SSRF) vulnerability in Open-Xchange Appsuite 7.10.3/7.10.4 OX App Suite before 7.10.3-rev4 and 7.10.4 before 7.10.4-rev4 allows SSRF via a shared SVG document that is mishandled by the imageconverter component when the .png extension is used. | 5.4 |
| 2021-07-19 | CVE-2021-31216 | Server-Side Request Forgery (SSRF) vulnerability in Siren Investigate Siren Investigate before 11.1.1 contains a server side request forgery (SSRF) defect in the built-in image proxy route (which is enabled by default). | 8.1 |
| 2021-07-15 | CVE-2021-29749 | Server-Side Request Forgery (SSRF) vulnerability in IBM products IBM Secure External Authentication Server 6.0.2 and IBM Secure Proxy 6.0.2 is vulnerable to server-side request forgery (SSRF). | 5.4 |
| 2021-07-14 | CVE-2021-33213 | Server-Side Request Forgery (SSRF) vulnerability in Element-It Http Commander 5.3.3 An SSRF vulnerability in the "Upload from URL" feature in Elements-IT HTTP Commander 5.3.3 allows remote authenticated users to retrieve HTTP and FTP files from the internal server network by inserting an internal address. | 6.5 |
| 2021-07-12 | CVE-2020-23079 | Server-Side Request Forgery (SSRF) vulnerability in Halo SSRF vulnerability in Halo <=1.3.2 exists in the SMTP configuration, which can detect the server intranet. | 7.5 |
| 2021-07-11 | CVE-2021-29102 | Server-Side Request Forgery (SSRF) vulnerability in Esri Arcgis Server A Server-Side Request Forgery (SSRF) vulnerability in ArcGIS Server Manager version 10.8.1 and below may allow a remote, unauthenticated attacker to forge GET requests to arbitrary URLs from the system, potentially leading to network enumeration or facilitating other attacks. | 9.1 |
| 2021-07-08 | CVE-2020-20582 | Server-Side Request Forgery (SSRF) vulnerability in Mipcms 5.0.1 A server side request forgery (SSRF) vulnerability in /ApiAdminDomainSettings.php of MipCMS 5.0.1 allows attackers to access sensitive information. | 7.5 |