CVE-2017-1000419 - CERT CVE
ID CVE-2017-1000419
Sažetak phpBB version 3.2.0 is vulnerable to SSRF in the Remote Avatar function resulting allowing an attacker to perform port scanning, requesting internal content and potentially attacking such internal services via the web application.
Reference
CVSS
Base: 5.0
Impact: 2.9
Exploitability:10.0
Pristup
VektorSloženostAutentikacija
NETWORK LOW NONE
Impact
PovjerljivostCjelovitostDostupnost
PARTIAL NONE NONE
CVSS vektor AV:N/AC:L/Au:N/C:P/I:N/A:N
Zadnje važnije ažuriranje 16-01-2018 - 18:12
Objavljeno 02-01-2018 - 19:29