A Server-Side Request Forgery issue in Canto Cumulus through 11.1.3 allows attackers to enumerate the internal network, overload network resources, and possibly have unspecified other impact via the server parameter to the /cwc/login login form.
References
Link | Resource |
---|---|
https://www.syss.de/fileadmin/dokumente/Publikationen/Advisories/SYSS-2022-023.txt | Exploit Third Party Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2022-09-09T04:23:04
Updated: 2022-09-09T04:23:04
Reserved: 2022-09-09T00:00:00
Link: CVE-2022-40305
JSON object: View
NVD Information
Status : Analyzed
Published: 2022-09-09T05:15:07.817
Modified: 2022-09-10T03:53:43.667
Link: CVE-2022-40305
JSON object: View
Redhat Information
No data.
CWE