CVE-2019-4741

CWE-918Server-Side Request Forgery (SSRF)3 documents3 sources
Severity
5.3MEDIUM
EPSS
0.3%
top 45.07%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
IBM Content Navigator
Timeline
PublishedFeb 12
Latest updateMay 24

Description

IBM Content Navigator 3.0CD is vulnerable to Server Side Request Forgery (SSRF). This may allow an unauthenticated attacker to send unauthorized requests from the system, potentially leading to network enumeration or facilitating other attacks. IBM X-Force ID: 172815.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:NExploitability: 3.9 | Impact: 1.4

Affected Packages2 packages

CVEListV5ibm/content_navigator3.0CD

🔴Vulnerability Details

2
GHSA
GHSA-g7r6-6487-7hm5: IBM Content Navigator 32022-05-24
CVEList
CVE-2019-4741: IBM Content Navigator 32020-02-12
CVE-2019-4741 (MEDIUM CVSS 5.3) | IBM Content Navigator 3.0CD is vuln | cvebase.io