Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2023-25195

Server-Side Request Forgery (SSRF) vulnerability in Apache Software Foundation Apache Fineract. Authorized users with limited permissions can gain access to server and may be able to use server for any outbound traffic. This issue affects Apache Fineract: from 1.4 through 1.8.3.

Published

2023-03-28T12:15:07.280

Last Modified

2024-11-21T07:49:17.613

Status

Modified

Source

[email protected]

Severity

CVSSv3.1: 8.1 (HIGH)

Weaknesses

Type: Primary
CWE-918

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Application	apache	fineract	≤ 1.8.3	Yes

References

https://lists.apache.org/thread/m58fdjmtkfp9h4c0r4l48rv995w3qhb6 Mailing List, Vendor Advisory ([email protected])
https://lists.apache.org/thread/m58fdjmtkfp9h4c0r4l48rv995w3qhb6 Mailing List, Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)