Vulnerability Description
Server-Side Request Forgery (SSRF) vulnerability in Apache ServiceComb Service-Center. Attackers can obtain sensitive server information through specially crafted requests.This issue affects Apache ServiceComb before 2.1.0(include). Users are recommended to upgrade to version 2.2.0, which fixes the issue.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Apache | Servicecomb | < 2.2.0 |
Related Weaknesses (CWE)
References
- http://www.openwall.com/lists/oss-security/2024/01/31/4Mailing ListThird Party Advisory
- https://lists.apache.org/thread/kxovd455o9h4f2v811hcov2qknbwld5rMailing ListThird Party Advisory
- http://www.openwall.com/lists/oss-security/2024/01/31/4Mailing ListThird Party Advisory
- https://lists.apache.org/thread/kxovd455o9h4f2v811hcov2qknbwld5rMailing ListThird Party Advisory
FAQ
What is CVE-2023-44313?
CVE-2023-44313 is a vulnerability with a CVSS score of 7.6 (HIGH). Server-Side Request Forgery (SSRF) vulnerability in Apache ServiceComb Service-Center. Attackers can obtain sensitive server information through specially crafted requests.This issue affects Apache Se...
How severe is CVE-2023-44313?
CVE-2023-44313 has been rated HIGH with a CVSS base score of 7.6/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2023-44313?
Check the references section above for vendor advisories and patch information. Affected products include: Apache Servicecomb.