Description
Tencent Blueking CMDB v3.2.x to v3.9.x was discovered to contain a Server-Side Request Forgery (SSRF) via the event subscription function (/service/subscription.go). This vulnerability allows attackers to access internal requests via a crafted POST request.
Analysis
No analysis available yet.
Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).
| Vendor | Product | Default status | Versions | ||||||
|---|---|---|---|---|---|---|---|---|---|
| n/a | n/a | affected |
|
No data.
No data available yet.
Remediation
No remediation available yet.
Tracking
Sign in to view the affected projects.
Advisories
No advisories yet.
References
History
Mon, 09 Jun 2025 17:30:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| First Time appeared |
Tencent blueking Configuration Management Database
|
|
| CPEs | cpe:2.3:a:tencent:blueking_configuration_management_database:*:*:*:*:*:*:*:* | |
| Vendors & Products |
Tencent blueking Cmdb
|
Tencent blueking Configuration Management Database
|
Fri, 25 Apr 2025 19:30:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| First Time appeared |
Tencent
Tencent blueking Cmdb |
|
| CPEs | cpe:2.3:a:tencent:blueking_cmdb:*:*:*:*:*:*:*:* | |
| Vendors & Products |
Tencent
Tencent blueking Cmdb |
MITRE
Status: PUBLISHED
Assigner: mitre
Published:
Updated: 2024-08-05T20:16:24.951Z
Reserved: 2024-01-11T00:00:00.000Z
Link: CVE-2024-22873
Vulnrichment
Updated: 2024-08-01T22:51:11.146Z
NVD
Status : Analyzed
Published: 2024-02-26T16:27:56.733
Modified: 2025-06-09T17:11:50.077
Link: CVE-2024-22873
Redhat
No data.
OpenCVE Enrichment
No data.
Weaknesses