A vulnerability was found in Tencent Blueking CMDB up to 3.9.x. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /service/subscription.go of the component HTTP POST Request Handler. The manipulation leads to server-side request forgery.

This vulnerability is known as CVE-2024-22873. The attack needs to be approached within the local network. There is no exploit available.