Skip to the content.

CVE-2021-42079 - SSRF vulnerability in OSNEXUS QuantaStor before

CVE CVE-2021-42079
Affected products
Product Affected Unaffected Unknown
OSNEXUS QuantaStor on Windows, Linux >= semver 0 to <
everything else
CVSS Base score: 6.2 (MEDIUM)
Problem type(s) CWE-918 Server-Side Request Forgery (SSRF)
Solution(s) Upgrade to the latest version of OSNEXUS QuantaStor.
Last modified 05 Jul 2023 21:48


An authenticated administrator is able to prepare an alert that is able to execute an SSRF attack. This is exclusively with POST requests.

JSON version