CVE-2023-25195

Server-Side Request Forgery (SSRF) vulnerability in Apache Software Foundation Apache Fineract. Authorized users with limited permissions can gain access to server and may be able to use server for any outbound traffic.  This issue affects Apache Fineract: from 1.4 through 1.8.3.
References
Link Resource
https://lists.apache.org/thread/m58fdjmtkfp9h4c0r4l48rv995w3qhb6 Mailing List Vendor Advisory
Configurations

Configuration 1 (hide)

cpe:2.3:a:apache:fineract:*:*:*:*:*:*:*:*

History

07 Nov 2023, 04:08

Type Values Removed Values Added
Summary Server-Side Request Forgery (SSRF) vulnerability in Apache Software Foundation Apache Fineract. Authorized users with limited permissions can gain access to server and may be able to use server for any outbound traffic. This issue affects Apache Fineract: from 1.4 through 1.8.3. Server-Side Request Forgery (SSRF) vulnerability in Apache Software Foundation Apache Fineract. Authorized users with limited permissions can gain access to server and may be able to use server for any outbound traffic.  This issue affects Apache Fineract: from 1.4 through 1.8.3.

Information

Published : 2023-03-28 12:15

Updated : 2024-10-23 16:35


NVD link : CVE-2023-25195

Mitre link : CVE-2023-25195

CVE.ORG link : CVE-2023-25195


JSON object : View

Products Affected

apache

  • fineract
CWE
CWE-918

Server-Side Request Forgery (SSRF)