# CVE-2024-48590
# Vulnerability Disclosure: SSRF in Inflectra SpiraTeam 7.2.00
## Description
Inflectra SpiraTeam version 7.2.00 is vulnerable to Server-Side Request Forgery (SSRF) through the NewsReaderService component.
## Vulnerability Type
Server-Side Request Forgery (SSRF)
## Vendor
Inflectra
## Affected Product
SpiraTeam 7.2.00
## Affected Component
NewsReaderService
## Attack Type
Remote
## Impacts
- **Escalation of Privileges**: credential material captured through the forced outbound request (see Attack Vectors) can be cracked or reused to gain access beyond what the attacker started with.
- **Information Disclosure**: the server can be made to contact destinations of the attacker's choosing, exposing sensitive data from the host system on which SpiraTeam runs.
## Attack Vectors
An attacker can send specially crafted requests to the NewsReaderService, causing the server to issue outbound requests to a destination the attacker chooses. Pointing that destination at a listener under the attacker's control allows capture of authentication hashes from the host where SpiraTeam is installed; those hashes can then be cracked or reused against other services.
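The defensive counterpart to the vector above is an outbound-request guard that a feed-fetching component enforces before it contacts anything. The following is an added example written for this page; it is not SpiraTeam code and does not describe Inflectra's actual fix. It assumes the fetcher receives a URL string, and uses a constructed DNS table (`FAKE_DNS`) so that it runs offline; a real implementation would swap in `socket.getaddrinfo()` and apply the same check to every returned address. The function and class names are hypothetical.

```python
"""SSRF guard for an outbound feed fetcher (added example, not SpiraTeam code)."""
import ipaddress
from urllib.parse import urlsplit

ALLOWED_SCHEMES = {"http", "https"}
ALLOWED_PORTS = {80, 443}

# Constructed DNS table so the example runs offline. A real fetcher would call
# socket.getaddrinfo() and apply is_forbidden_address() to *every* answer.
FAKE_DNS = {
    "feeds.example.org": ["93.184.216.34"],             # ordinary public host
    "intranet.corp.example": ["10.0.0.5"],              # RFC 1918 only
    "dual.example.net": ["93.184.216.35", "127.0.0.1"],  # public + loopback answer
    "mapped.example.net": ["::ffff:169.254.169.254"],   # IPv4-mapped link-local
}


class SsrfBlocked(ValueError):
    """Raised when a feed URL would make the server contact a forbidden target."""


def resolve(host):
    """Return host's addresses from the constructed table, or the literal itself."""
    try:
        # ipaddress parses literals strictly: "127.1" and "0x7f.1" are rejected,
        # whereas socket.inet_aton would silently accept them.
        return [str(ipaddress.ip_address(host))]
    except ValueError:
        pass
    if host in FAKE_DNS:
        return list(FAKE_DNS[host])
    raise SsrfBlocked(f"unresolvable host: {host}")


def is_forbidden_address(ip):
    """True for loopback, private, link-local, metadata and other non-global ranges."""
    addr = ipaddress.ip_address(ip)
    if addr.version == 6 and addr.ipv4_mapped is not None:
        addr = addr.ipv4_mapped  # judge ::ffff:a.b.c.d by its IPv4 meaning
    return not addr.is_global


def validate_feed_url(url):
    """Return (host, port, vetted_ips) for a safe URL; raise SsrfBlocked otherwise.

    The caller should connect to one of vetted_ips (sending the original Host
    header) instead of resolving again, so a DNS answer that changes between
    check and use (rebinding) cannot redirect the request.
    """
    parts = urlsplit(url.strip())
    scheme = parts.scheme.lower()
    if scheme not in ALLOWED_SCHEMES:  # also rejects file://, UNC paths, gopher://
        raise SsrfBlocked(f"scheme not allowed: {scheme or '(none)'}")
    host = parts.hostname
    if not host:
        raise SsrfBlocked("missing host")
    try:
        port = parts.port or (443 if scheme == "https" else 80)
    except ValueError:
        raise SsrfBlocked("malformed port")
    if port not in ALLOWED_PORTS:  # stops the fetcher being used as a port scanner
        raise SsrfBlocked(f"port not allowed: {port}")
    ips = resolve(host)
    bad = [ip for ip in ips if is_forbidden_address(ip)]
    if bad:  # any forbidden answer poisons the whole name
        raise SsrfBlocked(f"{host} resolves to forbidden address(es): {', '.join(bad)}")
    return host, port, ips


def check(url):
    """Convenience wrapper returning 'ok' or 'blocked: <reason>'."""
    try:
        validate_feed_url(url)
        return "ok"
    except SsrfBlocked as exc:
        return f"blocked: {exc}"


if __name__ == "__main__":
    for u in [
        "https://feeds.example.org/rss.xml",
        "http://intranet.corp.example/",
        "http://dual.example.net/feed",
        "http://mapped.example.net/",
        "http://[::1]:8080/",
        r"\\attacker.example\share\feed.xml",
        "file:///C:/inetpub/web.config",
        "http://169.254.169.254/latest/meta-data/",
    ]:
        print(f"{u:45} -> {check(u)}")
```

Two caveats a reviewer of such a guard should insist on: every HTTP redirect the fetcher follows must be re-validated with the same function, since a 3xx to an internal host is the usual bypass; and the check must be applied to all addresses a name resolves to, not just the first, which is why `validate_feed_url` rejects `dual.example.net` outright.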
## References
- [OWASP: Server-Side Request Forgery](https://owasp.org/www-community/attacks/Server_Side_Request_Forgery)
## Vendor Acknowledgment
Inflectra has confirmed the existence of this vulnerability.
## Discoverer
Gareth Catterall
## Note
Users of SpiraTeam 7.2.00 are encouraged to update to the latest version of the product.