With this SSRF vulnerability, an attacker can reach internal addresses to make a request as the server and read it's contents. This attack can lead to leak of sensitive information.
References
Link | Resource |
---|---|
https://github.com/nocodb/nocodb/commit/000ecd886738b965b5997cd905825e3244f48b95 | Patch Third Party Advisory |
https://huntr.dev/bounties/fff06de8-2a82-49b1-8e81-968731e87eef | Exploit Patch Third Party Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: @huntrdev
Published: 2022-07-07T03:15:12
Updated: 2022-07-07T03:15:12
Reserved: 2022-07-07T00:00:00
Link: CVE-2022-2339
JSON object: View
NVD Information
Status : Analyzed
Published: 2022-07-07T04:15:11.467
Modified: 2022-07-14T17:22:18.410
Link: CVE-2022-2339
JSON object: View
Redhat Information
No data.
CWE