CVE Vulnerabilities

CVE-2016-6483

Server-Side Request Forgery (SSRF)

Published: Sep 02, 2016 | Modified: Sep 03, 2017
CVSS 3.x
8.6
HIGH
Source:
NVD
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:N
CVSS 2.x
5 MEDIUM
AV:N/AC:L/Au:N/C:N/I:P/A:N
RedHat/V2
RedHat/V3
Ubuntu

The media-file upload feature in vBulletin before 3.8.7 Patch Level 6, 3.8.8 before Patch Level 2, 3.8.9 before Patch Level 1, 4.x before 4.2.2 Patch Level 6, 4.2.3 before Patch Level 2, 5.x before 5.2.0 Patch Level 3, 5.2.1 before Patch Level 1, and 5.2.2 before Patch Level 1 allows remote attackers to conduct SSRF attacks via a crafted URL that results in a Redirection HTTP status code.

Weakness

The web server receives a URL or similar request from an upstream component and retrieves the contents of this URL, but it does not sufficiently ensure that the request is being sent to the expected destination.

Affected Software

Name Vendor Start Version End Version
Vbulletin Vbulletin 3.8.7 (including) 3.8.7 (including)
Vbulletin Vbulletin 3.8.8 (including) 3.8.8 (including)
Vbulletin Vbulletin 3.8.9 (including) 3.8.9 (including)
Vbulletin Vbulletin 4.2.2 (including) 4.2.2 (including)
Vbulletin Vbulletin 4.2.3 (including) 4.2.3 (including)
Vbulletin Vbulletin 5.2.0 (including) 5.2.0 (including)
Vbulletin Vbulletin 5.2.1 (including) 5.2.1 (including)
Vbulletin Vbulletin 5.2.2 (including) 5.2.2 (including)

References