ITPison OMICARD EDM fails to properly filter specific URL parameter, allowing unauthenticated remote attackers to modify the parameters and conduct Server-Side Request Forgery (SSRF) attacks. This vulnerability enables attackers to probe internal network information.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: twcert

Published: 2024-05-15T02:53:45.648Z

Updated: 2024-08-01T20:55:10.323Z

Reserved: 2024-05-15T02:31:57.684Z

Link: CVE-2024-4894

cve-icon Vulnrichment

Updated: 2024-08-01T20:55:10.323Z

cve-icon NVD

Status : Awaiting Analysis

Published: 2024-05-15T03:15:14.887

Modified: 2024-11-21T09:43:48.647

Link: CVE-2024-4894

cve-icon Redhat

No data.