RAVA certificate validation system has inadequate filtering for URL parameter. An unauthenticated remote attacker can perform SSRF attack to discover internal network topology base on query response.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: twcert

Published: 2022-10-18T05:40:19.195349Z

Updated: 2024-09-16T20:21:55.585Z

Reserved: 2022-08-31T00:00:00

Link: CVE-2022-39055

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2022-10-18T06:15:08.850

Modified: 2024-11-21T07:17:27.987

Link: CVE-2022-39055

cve-icon Redhat

No data.