CVE-2017-18638 — HIGH (7.5)

Q: How severe is CVE-2017-18638?

CVE-2017-18638 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.

Q: Is there a patch for CVE-2017-18638?

Check the references section above for vendor advisories and patch information. Affected products include: Graphite Project Graphite.

Vulnerability Description

send_email in graphite-web/webapp/graphite/composer/views.py in Graphite through 1.1.5 is vulnerable to SSRF. The vulnerable SSRF endpoint can be used by an attacker to have the Graphite web server request any resource. The response to this SSRF request is encoded into an image file and then sent to an e-mail address that can be supplied by the attacker. Thus, an attacker can exfiltrate any information.

CVSS Score

7.5

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality

HIGH

Integrity

NONE

Availability

NONE

Affected Products

Vendor	Product	Versions
Graphite Project	Graphite	<= 1.1.5

Related Weaknesses (CWE)

CWE-918

References

https://blog.orange.tw/2017/07/how-i-chained-4-vulnerabilities-on.html#second-buExploitMitigationThird Party Advisory
https://github.com/graphite-project/graphite-web/issues/2008Third Party Advisory
https://github.com/graphite-project/graphite-web/pull/2499Third Party Advisory
https://github.com/graphite-project/graphite-web/security/advisories/GHSA-vfj6-2Broken Link
https://lists.debian.org/debian-lts-announce/2019/10/msg00030.html
https://www.youtube.com/watch?v=ds4Gp4xoaeAExploitThird Party Advisory
https://blog.orange.tw/2017/07/how-i-chained-4-vulnerabilities-on.html#second-buExploitMitigationThird Party Advisory
https://github.com/graphite-project/graphite-web/issues/2008Third Party Advisory
https://github.com/graphite-project/graphite-web/pull/2499Third Party Advisory
https://github.com/graphite-project/graphite-web/security/advisories/GHSA-vfj6-2Broken Link
https://lists.debian.org/debian-lts-announce/2019/10/msg00030.html
https://www.youtube.com/watch?v=ds4Gp4xoaeAExploitThird Party Advisory

FAQ

What is CVE-2017-18638?

CVE-2017-18638 is a vulnerability with a CVSS score of 7.5 (HIGH). send_email in graphite-web/webapp/graphite/composer/views.py in Graphite through 1.1.5 is vulnerable to SSRF. The vulnerable SSRF endpoint can be used by an attacker to have the Graphite web server re...

How severe is CVE-2017-18638?

CVE-2017-18638 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2017-18638?

Check the references section above for vendor advisories and patch information. Affected products include: Graphite Project Graphite.