CVE-2021-42079 - SSRF vulnerability in OSNEXUS QuantaStor before 6.0.0.355
CVE | CVE-2021-42079 | |||||||||||
Credits | ||||||||||||
Affected products |
|
|||||||||||
CVSS |
Base score:
6.2
(MEDIUM) |
|||||||||||
References |
|
|||||||||||
Problem type(s) | CWE-918 Server-Side Request Forgery (SSRF) | |||||||||||
Solution(s) | Upgrade to the latest version of OSNEXUS QuantaStor. | |||||||||||
Last modified | 05 Jul 2023 21:48 |
Description
An authenticated administrator is able to prepare an alert that is able to execute an SSRF attack. This is exclusively with POST requests.
JSON version