| ID | CVE-2022-38299 | ||||||
| Sažetak | An issue in the Elasticsearch plugin of Appsmith v1.7.11 allows attackers to connect disallowed hosts to the AWS/GCP internal metadata endpoint. | ||||||
| Reference | |||||||
| CVSS |
|
||||||
| Pristup |
|
||||||
| Impact |
|
||||||
| CVSS vektor | CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N | ||||||
| Zadnje važnije ažuriranje | 15-09-2022 - 04:16 | ||||||
| Objavljeno | 12-09-2022 - 22:15 |
