CVE-2014-2233

CVE-2014-2233

EPSS 2.0%

Server-side request forgery (SSRF) vulnerability in the MapAPI in Infoware MapSuite before 1.0.36 and 1.1.x before 1.1.49 allows remote attackers to trigger requests to intranet servers via unspecified vectors.

Produtos afetados

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →

Referências

http://iw.mapandroute.de/MapAPI-1.0/releaseHistory.jsp http://iw.mapandroute.de/MapAPI-1.1/releaseHistory.jsp http://www.christian-schneider.net/advisories/CVE-2014-2233.txt