Vulnerabilities > Siemens > Db4Web > 3.4
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2003-04-22 | CVE-2002-1484 | Server-Side Request Forgery (SSRF) vulnerability in Siemens Db4Web 3.4/3.6 DB4Web server, when configured to use verbose debug messages, allows remote attackers to use DB4Web as a proxy and attempt TCP connections to other systems (port scan) via a request for a URL that specifies the target IP address and port, which produces a connection status in the resulting error message. | 9.8 |