CVE-2024-22873 | Tencent Blueking CMDB up to 3.9.x HTTP POST Request /service/subscription.go server-side request forgery

Posted by Angelo Barbosa | Feb 26, 2024 | CVE

A vulnerability was found in Tencent Blueking CMDB up to 3.9.x. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /service/subscription.go of the component HTTP POST Request Handler. The manipulation leads to server-side request forgery.

This vulnerability is known as CVE-2024-22873. The attack needs to be approached within the local network. There is no exploit available.

CVE-2024-22873 | Tencent Blueking CMDB up to 3.9.x HTTP POST Request /service/subscription.go server-side request forgery

Related Posts

CVE-2024-42302 | Linux Kernel up to 6.1.102/6.6.43/6.10.2 dpc_handler use after free

CVE-2024-20754 | Adobe Lightroom untrusted search path (APSB24-17)

CVE-2024-0536 | Tenda W9 1.0.0.7(4456) httpd setWrlAccessList ssidIndex stack-based overflow

CVE-2024-0516 | Royal Elementor Addons and Templates Plugin up to 1.3.87 on WordPress wpr_update_form_action_meta authorization