CVE-2022-25777

Prior to the patched version, an authenticated user of Mautic could read system files and access the internal addresses of the application due to a Server-Side Request Forgery (SSRF) vulnerability.
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:acquia:mautic:*:*:*:*:*:*:*:*
cpe:2.3:a:acquia:mautic:*:*:*:*:*:*:*:*
cpe:2.3:a:acquia:mautic:1.0.0:-:*:*:*:*:*:*
cpe:2.3:a:acquia:mautic:1.0.0:beta4:*:*:*:*:*:*
cpe:2.3:a:acquia:mautic:1.0.0:rc1:*:*:*:*:*:*
cpe:2.3:a:acquia:mautic:1.0.0:rc2:*:*:*:*:*:*
cpe:2.3:a:acquia:mautic:1.0.0:rc3:*:*:*:*:*:*
cpe:2.3:a:acquia:mautic:1.0.0:rc4:*:*:*:*:*:*

History

27 Feb 2025, 19:30

Type Values Removed Values Added
CPE cpe:2.3:a:acquia:mautic:1.0.0:rc1:*:*:*:*:*:*
cpe:2.3:a:acquia:mautic:1.0.0:rc3:*:*:*:*:*:*
cpe:2.3:a:acquia:mautic:*:*:*:*:*:*:*:*
cpe:2.3:a:acquia:mautic:1.0.0:rc4:*:*:*:*:*:*
cpe:2.3:a:acquia:mautic:1.0.0:rc2:*:*:*:*:*:*
cpe:2.3:a:acquia:mautic:1.0.0:-:*:*:*:*:*:*
cpe:2.3:a:acquia:mautic:1.0.0:beta4:*:*:*:*:*:*
References () https://github.com/mautic/mautic/security/advisories/GHSA-mgv8-w49f-822w - () https://github.com/mautic/mautic/security/advisories/GHSA-mgv8-w49f-822w - Vendor Advisory
First Time Acquia mautic
Acquia

20 Sep 2024, 12:30

Type Values Removed Values Added
Summary
  • (es) Antes de la versión parcheada, un usuario autenticado de Mautic podía leer archivos del sistema y acceder a las direcciones internas de la aplicación debido a una vulnerabilidad de Server-Side Request Forgery (SSRF).

18 Sep 2024, 16:15

Type Values Removed Values Added
New CVE

Information

Published : 2024-09-18 16:15

Updated : 2025-02-27 19:30


NVD link : CVE-2022-25777

Mitre link : CVE-2022-25777

CVE.ORG link : CVE-2022-25777


JSON object : View

Products Affected

acquia

  • mautic
CWE
CWE-918

Server-Side Request Forgery (SSRF)