CVE-2017-18638

send_email in graphite-web/webapp/graphite/composer/views.py in Graphite through 1.1.5 is vulnerable to SSRF. The vulnerable SSRF endpoint can be used by an attacker to have the Graphite web server request any resource. The response to this SSRF request is encoded into an image file and then sent to an e-mail address that can be supplied by the attacker. Thus, an attacker can exfiltrate any information.
Configurations

Configuration 1

cpe:2.3:a:graphite_project:graphite:*:*:*:*:*:*:*:*

History

21 Nov 2024, 03:20

Type: References (the entries below were removed and re-added with identical values and tags)

  • https://blog.orange.tw/2017/07/how-i-chained-4-vulnerabilities-on.html#second-bug-internal-graphite-ssrf - Exploit, Mitigation, Third Party Advisory
  • https://github.com/graphite-project/graphite-web/issues/2008 - Third Party Advisory
  • https://github.com/graphite-project/graphite-web/pull/2499 - Third Party Advisory
  • https://github.com/graphite-project/graphite-web/security/advisories/GHSA-vfj6-275q-4pvm - Broken Link
  • https://lists.debian.org/debian-lts-announce/2019/10/msg00030.html - (no tags)
  • https://www.youtube.com/watch?v=ds4Gp4xoaeA - Exploit, Third Party Advisory

Information

Published : 2019-10-11 23:15

Updated : 2024-11-21 03:20


NVD link : CVE-2017-18638

Mitre link : CVE-2017-18638

CVE.ORG link : CVE-2017-18638

Products Affected

graphite_project

  • graphite
CWE
CWE-918

Server-Side Request Forgery (SSRF)