An SSRF issue was discovered in cockpit-project.org Cockpit 234. NOTE: this is unrelated to the Agentejo Cockpit product. NOTE: the vendor states "I don't think [it] is a big real-life issue.
References
Link | Resource |
---|---|
https://github.com/cockpit-project/cockpit/issues/15077 | Exploit Third Party Advisory |
https://github.com/passtheticket/vulnerability-research/blob/main/cockpitProject/README.md | Exploit Third Party Advisory |
Configurations
History
07 Nov 2023, 03:22
Type | Values Removed | Values Added |
---|---|---|
Summary | An SSRF issue was discovered in cockpit-project.org Cockpit 234. NOTE: this is unrelated to the Agentejo Cockpit product. NOTE: the vendor states "I don't think [it] is a big real-life issue. |
04 Jan 2021, 19:12
Type | Values Removed | Values Added |
---|---|---|
References | (MISC) https://github.com/cockpit-project/cockpit/issues/15077 - Exploit, Third Party Advisory | |
References | (MISC) https://github.com/passtheticket/vulnerability-research/blob/main/cockpitProject/README.md - Exploit, Third Party Advisory | |
CWE | CWE-918 | |
CPE | cpe:2.3:a:cockpit-project:cockpit:234:*:*:*:*:*:*:* | |
CVSS |
v2 : v3 : |
v2 : 4.0
v3 : 6.5 |
30 Dec 2020, 02:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2020-12-30 02:15
Updated : 2024-04-11 01:08
NVD link : CVE-2020-35850
Mitre link : CVE-2020-35850
CVE.ORG link : CVE-2020-35850
JSON object : View
Products Affected
cockpit-project
- cockpit
CWE
CWE-918
Server-Side Request Forgery (SSRF)