CVE-2019-9827
Published 2019-07-03
Priority: P266 · Severity: critical 9.8 (CVSS 3.0)
Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS: 26.80% (97.8th percentile)
Hawt Hawtio through 2.5.0 is vulnerable to SSRF, allowing a remote attacker to trigger an HTTP request from an affected server to an arbitrary host via the initial /proxy/ substring of a URI.
Affected (1 range)
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| hawt | hawtio | <= 2.5.0 | — |
Detection & IOCs (extracted from sources)
- Detect SSRF exploitation attempts against Hawtio by monitoring inbound HTTP requests where the URI begins with the /proxy/ path prefix, which is the attack vector for CVE-2019-9827.
- Affected versions are Hawtio through 2.5.0; any deployment of hawtio <= 2.5.0 with the proxy endpoint exposed should be treated as vulnerable and prioritized for patching or network-level blocking of /proxy/ requests.
- The SSRF is exploitable only when the Hawtio proxy endpoint (/proxy/) is reachable by remote/untrusted clients. Restricting network access to this endpoint mitigates exploitation without patching.
- Red Hat JBoss A-MQ 6 and Red Hat JBoss Fuse 6 are out of security support scope for this CVE and will not receive official patches from Red Hat.
CVSS provenance
| Source | Version | Score | Severity | Vector |
|---|---|---|---|---|
| nvd | v3.0 | 9.8 | CRITICAL | CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
| nvd | v2.0 | 7.5 | HIGH | AV:N/AC:L/Au:N/C:P/I:P/A:P |
| vendor_redhat | — | 9.8 | CRITICAL | — |
OSV · 2019-07-05
CVE-2019-9827 [CRITICAL] Server-Side Request Forgery in Hawt Hawtio
GHSA · 2019-07-05
CVE-2019-9827 [CRITICAL] CWE-918 Server-Side Request Forgery in Hawt Hawtio
Red Hat · 2025-09-04 · CVSS 7.1
CVE-2025-38728 [HIGH] CWE-125 kernel: smb3: fix for slab out of bounds on mount to ksmbd
In the Linux kernel, the following vulnerability has been resolved:
smb3: fix for slab out of bounds on mount to ksmbd
With KASAN enabled, it is possible to get a slab out of bounds during mount to ksmbd due to missing check in parse_server_interfaces() (see below):
Red Hat · 2019-06-27 · CVSS 9.8
CVE-2019-9827 [CRITICAL] CWE-602 hawtio: server side request forgery via initial /proxy/ substring of a URI
- Package: hawtio (Red Hat AMQ Broker 7): Affected
- Package: hawtio (Red Hat JBoss A-MQ 6): Out of support scope
- Package: hawtio (Red Hat JBoss Fuse 6): Out of support scope
No detection rules found.
No public exploits indexed.
Bugzilla · 2025-09-04 · CVSS 7.1
CVE-2025-38728 [HIGH] kernel: smb3: fix for slab out of bounds on mount to ksmbd
Bugzilla · 2019-07-10 · CVSS 9.8
CVE-2019-9827 [CRITICAL] hawtio: server side request forgery via initial /proxy/ substring of a URI
Reference: https://www.ciphertechs.com/hawtio-advisory/
Discussion:
This vulnerability is out of security support scope for the following products:
* Red Hat JBoss A-MQ 6
* Red Hat JBoss Fuse 6
Please refer to https://access.redhat.com/support/policy/updates/jboss_notes for more details.
---
This issue has been addressed in the following products:
Red Hat Fuse 7.7.0
Via RHSA-2020:3192 https://access.redhat.com/errata/RHSA-2020:3192
---
This bug is now closed. Further updates for individual products will