CVE-2023-48379

CVSS 3.1 Score 5.3 of 10 (medium)

Details

Published Dec 15, 2023

Updated: Dec 21, 2023

CWE ID 918

Summary

CVE-2023-48379 is a vulnerability affecting the Softnext Mail SQR Expert email management platform. The issue lies in the inadequate filtering of a URL parameter within a specific function. This weakness allows an unauthenticated remote attacker to execute Blind Server Side Request Forgery (SSRF) attacks. By exploiting this vulnerability, an attacker can potentially discover the internal network topology by analyzing error responses from URL requests.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/tbibWC
https://www.cve.org/CVERecord?id=CVE-2023-48379
https://nvd.nist.gov/vuln/detail/CVE-2023-48379

Back to Vulnerability Database

CVE-2023-48379

CVSS 3.1 Score 5.3 of 10 (medium)

Details

Summary

Advisories, Assessments, and Mitigations