Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Knowage is vulnerable to blind server-side request forgery (SSRF)
Vulnerability Description
Knowage is an open source analytics and business intelligence suite. Prior to version 8.1.37, there is a blind server-side request forgery vulnerability. The vulnerability allows attackers to send requests to arbitrary hosts/paths. Since the attacker is not able to read the response, the impact of this vulnerability is limited. However, an attacker should be able to leverage this vulnerability to scan the internal network. This issue has been patched in version 8.1.37.
CVSS Information
N/A
Vulnerability Type
服务端请求伪造(SSRF)
Vulnerability Title
Knowage 代码问题漏洞
Vulnerability Description
Knowage是意大利Knowage公司的一套用于在传统资源和大数据系统上进行现代业务分析的开源套件。 Knowage 8.1.37之前版本存在代码问题漏洞,该漏洞源于存在盲服务器端请求伪造,可能导致攻击者扫描内部网络。
CVSS Information
N/A
Vulnerability Type
N/A