The external_request api call in App Studio (millicore) allows server side request forgery (SSRF). An attacker could use this flaw to probe the network internal resources, and access restricted endpoints.
References
Link | Resource |
---|---|
https://access.redhat.com/errata/RHSA-2017:2674 | |
https://access.redhat.com/errata/RHSA-2017:2675 | |
https://bugzilla.redhat.com/show_bug.cgi?id=1478792 | Issue Tracking Third Party Advisory |
Configurations
History
No history.
Information
Published : 2017-09-29 01:34
Updated : 2024-02-28 16:04
NVD link : CVE-2017-7553
Mitre link : CVE-2017-7553
CVE.ORG link : CVE-2017-7553
JSON object : View
Products Affected
redhat
- mobile_application_platform
CWE
CWE-918
Server-Side Request Forgery (SSRF)