Server-Side Request Forgery (SSRF) vulnerability in Apache Software Foundation Apache Fineract. Authorized users with limited permissions can gain access to server and may be able to use server for any outbound traffic. This issue affects Apache Fineract: from 1.4 through 1.8.3.
References
Link | Resource |
---|---|
https://lists.apache.org/thread/m58fdjmtkfp9h4c0r4l48rv995w3qhb6 | Mailing List Vendor Advisory |
Configurations
History
31 Mar 2023, 13:43
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:a:apache:fineract:*:*:*:*:*:*:*:* | |
References | (MISC) https://lists.apache.org/thread/m58fdjmtkfp9h4c0r4l48rv995w3qhb6 - Mailing List, Vendor Advisory | |
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 8.1 |
28 Mar 2023, 16:28
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2023-03-28 12:15
Updated : 2024-10-23 16:35
NVD link : CVE-2023-25195
Mitre link : CVE-2023-25195
CVE.ORG link : CVE-2023-25195
JSON object : View
Products Affected
apache
- fineract
CWE
CWE-918
Server-Side Request Forgery (SSRF)