CVE-2023-48910

CVSS 3.1 Score 9.8 of 10 (high)

Details

Published Dec 4, 2023

Updated: Dec 7, 2023

CWE ID 918

Summary

CVE-2023-48910 is a newly discovered Server-Side Request Forgery (SSRF) vulnerability affecting Microcks up to version 1.17.1. This issue enables attackers to craft malicious GET requests that trick the server into accessing network resources and potentially revealing sensitive information. The vulnerable components are identified as /jobs and /artifact/download. Successful exploitation could lead to unauthorized access and data leakage. It is highly recommended that users update their Microcks installation to the latest version to mitigate this risk.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/tfEgGq
https://www.cve.org/CVERecord?id=CVE-2023-48910
https://nvd.nist.gov/vuln/detail/CVE-2023-48910

Back to Vulnerability Database

CVE-2023-48910

CVSS 3.1 Score 9.8 of 10 (high)

Details

Summary

Advisories, Assessments, and Mitigations