Vulnerability Description
Pydio version 8.2.0 and earlier contains a Server-Side Request Forgery (SSRF) vulnerability in plugins/action.updater/UpgradeManager.php Line: 154, getUpgradePath($url) that can result in an authenticated admin users requesting arbitrary URL's, pivoting requests through the server. This attack appears to be exploitable via the attacker gaining access to an administrative account, enters a URL into Upgrade Engine, and reloads the page or presses "Check Now". This vulnerability appears to have been fixed in 8.2.1.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Pydio | Pydio | <= 8.2.0 |
Related Weaknesses (CWE)
References
- https://pydio.com/en/community/releases/pydio-core/pydio-821-security-releasePatchRelease NotesVendor Advisory
- https://www.mike-gualtieri.com/files/Pydio-8-VulnerabilityDisclosure-Jul18.txtExploitThird Party Advisory
- https://pydio.com/en/community/releases/pydio-core/pydio-821-security-releasePatchRelease NotesVendor Advisory
- https://www.mike-gualtieri.com/files/Pydio-8-VulnerabilityDisclosure-Jul18.txtExploitThird Party Advisory
FAQ
What is CVE-2018-1999017?
CVE-2018-1999017 is a vulnerability with a CVSS score of 4.9 (MEDIUM). Pydio version 8.2.0 and earlier contains a Server-Side Request Forgery (SSRF) vulnerability in plugins/action.updater/UpgradeManager.php Line: 154, getUpgradePath($url) that can result in an authentic...
How severe is CVE-2018-1999017?
CVE-2018-1999017 has been rated MEDIUM with a CVSS base score of 4.9/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2018-1999017?
Check the references section above for vendor advisories and patch information. Affected products include: Pydio Pydio.