CVE-2021-42079 - SSRF vulnerability in OSNEXUS QuantaStor before 6.0.0.355
| CVE | CVE-2021-42079 | |||||||||||
| Credits | ||||||||||||
| Affected products |
|
|||||||||||
| CVSS |
Base score:
6.2
(MEDIUM) |
|||||||||||
| References |
|
|||||||||||
| Problem type(s) | CWE-918 Server-Side Request Forgery (SSRF) | |||||||||||
| Solution(s) | Upgrade to the latest version of OSNEXUS QuantaStor. | |||||||||||
| Last modified | 05 Jul 2023 21:48 |
Description
An authenticated administrator is able to prepare an alert that is able to execute an SSRF attack. This is exclusively with POST requests.
JSON version