The external_request api call in App Studio (millicore) allows server side request forgery (SSRF). An attacker could use this flaw to probe the network internal resources, and access restricted endpoints.
References
Link | Resource |
---|---|
https://access.redhat.com/errata/RHSA-2017:2674 | |
https://access.redhat.com/errata/RHSA-2017:2675 | |
https://bugzilla.redhat.com/show_bug.cgi?id=1478792 | Issue Tracking Third Party Advisory |
https://access.redhat.com/errata/RHSA-2017:2674 | |
https://access.redhat.com/errata/RHSA-2017:2675 | |
https://bugzilla.redhat.com/show_bug.cgi?id=1478792 | Issue Tracking Third Party Advisory |
Configurations
History
21 Nov 2024, 03:32
Type | Values Removed | Values Added |
---|---|---|
References | () https://access.redhat.com/errata/RHSA-2017:2674 - | |
References | () https://access.redhat.com/errata/RHSA-2017:2675 - | |
References | () https://bugzilla.redhat.com/show_bug.cgi?id=1478792 - Issue Tracking, Third Party Advisory |
Information
Published : 2017-09-29 01:34
Updated : 2024-11-21 03:32
NVD link : CVE-2017-7553
Mitre link : CVE-2017-7553
CVE.ORG link : CVE-2017-7553
JSON object : View
Products Affected
redhat
- mobile_application_platform
CWE
CWE-918
Server-Side Request Forgery (SSRF)