CVE-2022-39055
Changing Information Technology Inc. RAVA certificate validation system - Server-Side Request Forgery (SSRF)
RAVA certificate validation system has inadequate filtering for URL parameter. An unauthenticated remote attacker can perform SSRF attack to discover internal network topology base on query response.
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Quer saber se a sua infraestrutura está exposta a isto?
Falar com a TrueHacking →