CVE-2024-4219
Severity CVSS v4.0:
Pending analysis
Type:
CWE-918
Server-Side Request Forgery (SSRF)
Publication date:
04/06/2024
Last modified:
11/06/2024
Description
Prior to 23.2, it is possible to perform arbitrary Server-Side requests via HTTP-based connectors within BeyondInsight, resulting in a server-side request forgery vulnerability.
Impact
Base Score 3.x
9.10
Severity 3.x
CRITICAL
Vulnerable products and versions
CPE | From | Up to |
---|---|---|
cpe:2.3:a:beyondtrust:beyondinsight:*:*:*:*:*:*:*:* | 23.2 (excluding) |
To consult the complete list of CPE names with products and versions, see this page