A Server-Side Request Forgery (SSRF) in Rebuild v2.8.3 allows attackers to obtain the real IP address and scan Intranet information via the fileurl parameter.
References
Link | Resource |
---|---|
https://github.com/getrebuild/rebuild/issues/460 | Exploit Issue Tracking Third Party Advisory |
Configurations
History
29 Oct 2022, 02:57
Type | Values Removed | Values Added |
---|---|---|
First Time |
Ruifang-tech
Ruifang-tech rebuild |
|
CPE | cpe:2.3:a:ruifang-tech:rebuild:2.8.3:*:*:*:*:*:*:* |
24 May 2022, 17:43
Type | Values Removed | Values Added |
---|---|---|
CWE | CWE-918 | |
CVSS |
v2 : v3 : |
v2 : 5.0
v3 : 7.5 |
CPE | cpe:2.3:a:getrebuild:rebuild:2.8.3:*:*:*:*:jenkins:*:* | |
References | (MISC) https://github.com/getrebuild/rebuild/issues/460 - Exploit, Issue Tracking, Third Party Advisory | |
First Time |
Getrebuild
Getrebuild rebuild |
15 May 2022, 17:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2022-05-15 17:15
Updated : 2023-12-10 14:22
NVD link : CVE-2022-30049
Mitre link : CVE-2022-30049
CVE.ORG link : CVE-2022-30049
JSON object : View
Products Affected
ruifang-tech
- rebuild
CWE
CWE-918
Server-Side Request Forgery (SSRF)