Description
Kiteworks is a private data network (PDN). Prior to version 9.2.0, a vulnerability in Kiteworks configuration functionality allows bypassing of SSRF protections through DNS rebinding attacks. Malicious administrators could exploit this to access internal services that should be restricted. Version 9.2.0 contains a patch for the issue.
Published: 2026-02-27
Score: 6.5 Medium
EPSS: < 1% Very Low
KEV: No
Impact: Internal Network Access
Action: Patch Update
AI Analysis

Impact

The vulnerability allows a malicious administrator to bypass Server-Side Request Forgery protections via DNS rebinding within Kiteworks Core's configuration functionality. This bypass grants access to internal services that should be unreachable from the public network, potentially permitting reading, modification, or tampering of internal data and applications and compromising confidentiality and integrity at the system level. The weakness is an Input Validation flaw (CWE-350) and an SSRF vulnerability (CWE-918).

Affected Systems

Kiteworks Core, supplied by Accellion, is vulnerable in every release before 9.2.0. No other vendor or product is listed.

Risk and Exploitability

The CVSS score of 6.5 indicates moderate severity, while the EPSS of less than 1% suggests a very low likelihood of exploitation. The vulnerability is not included in the CISA KEV catalog. Based on the description, the likely attack vector is an authenticated administrator who can submit configuration changes that trigger the DNS rebinding attack. Successful exploitation requires administrative privileges and the ability to influence outbound requests from the application. The overall risk is mitigated by the low probability of attack, and it is inferred from the description that the vulnerability does not provide immediate remote code execution capability.

Generated by OpenCVE AI on April 18, 2026 at 17:33 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade Kiteworks Core to version 9.2.0 or later to apply the official patch
  • If an upgrade is not possible immediately, disable or restrict outbound configuration requests that can trigger SSRF and block internal network addresses from being requested by the application
  • Monitor administrator configuration activity for suspicious DNS rebinding attempts and review logs for anomalous internal service access
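The second action above hinges on how the "block internal addresses" check is written: a filter that validates a hostname and then lets the HTTP client resolve it a second time is exactly what DNS rebinding defeats. The Python below is an added illustration (not Kiteworks or OpenCVE code) contrasting that re-resolving check with one that resolves once, validates every answer, and pins the validated address; the resolver, hostname and addresses are constructed stubs so it runs offline.

```python
import ipaddress
from typing import Callable, List

# Constructed stub resolver for offline use: it hands out the queued answer
# lists in order and keeps returning the last one, modelling a rebinding
# DNS server that answers with a public address first and an internal one next.
class RebindingResolver:
    def __init__(self, answers_per_query: List[List[str]]):
        self._answers = list(answers_per_query)

    def resolve(self, host: str) -> List[str]:
        if len(self._answers) > 1:
            return self._answers.pop(0)
        return list(self._answers[0])

def is_internal(ip: str) -> bool:
    """True for addresses an SSRF filter should never let the app reach."""
    addr = ipaddress.ip_address(ip)
    # Unwrap IPv4-mapped IPv6 (::ffff:10.0.0.5) so the IPv4 checks apply.
    if isinstance(addr, ipaddress.IPv6Address) and addr.ipv4_mapped:
        addr = addr.ipv4_mapped
    return (addr.is_private or addr.is_loopback or addr.is_link_local
            or addr.is_reserved or addr.is_multicast or addr.is_unspecified)

def naive_destination(host: str, resolve: Callable[[str], List[str]]) -> str:
    """Vulnerable pattern: validate the name, then let the HTTP client
    resolve it again. The second lookup is the DNS rebinding window."""
    for ip in resolve(host):
        if is_internal(ip):
            raise ValueError(f"blocked internal address {ip}")
    return resolve(host)[0]  # what the client would actually connect to

def pinned_destination(host: str, resolve: Callable[[str], List[str]]) -> str:
    """Hardened pattern: resolve once, reject if any answer is internal, and
    return the single address the caller must connect to directly (sending
    the original hostname in the Host header / SNI, never re-resolving)."""
    answers = resolve(host)
    if not answers:
        raise ValueError("no address for host")
    for ip in answers:
        if is_internal(ip):
            raise ValueError(f"blocked internal address {ip}")
    return answers[0]

if __name__ == "__main__":
    # Constructed scenario: first answer public, second answer internal.
    PUBLIC, INTERNAL = "1.1.1.1", "10.0.0.5"
    print(naive_destination("rebind.example", RebindingResolver([[PUBLIC], [INTERNAL]]).resolve))
    print(pinned_destination("rebind.example", RebindingResolver([[PUBLIC], [INTERNAL]]).resolve))
```

The naive check passes validation yet ends up connecting to 10.0.0.5, while the pinned check returns only the address it validated; in a real client, redirects must go through the same pinned check on every hop.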

Generated by OpenCVE AI on April 18, 2026 at 17:33 UTC.

Tracking


Advisories

No advisories yet.

History

Wed, 04 Mar 2026 20:00:00 +0000

Type                | Values Removed | Values Added
First Time appeared |                | Accellion; Accellion kiteworks
CPEs                |                | cpe:2.3:a:accellion:kiteworks:*:*:*:*:*:*:*:*
Vendors & Products  |                | Accellion; Accellion kiteworks

Tue, 03 Mar 2026 21:15:00 +0000

Type    | Values Removed | Values Added
Metrics |                | ssvc {'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Mon, 02 Mar 2026 12:15:00 +0000

Type                | Values Removed | Values Added
First Time appeared |                | Kiteworks; Kiteworks security-advisories
Vendors & Products  |                | Kiteworks; Kiteworks security-advisories

Fri, 27 Feb 2026 20:30:00 +0000

Type        | Values Removed | Values Added
Description |                | Kiteworks is a private data network (PDN). Prior to version 9.2.0, a vulnerability in Kiteworks configuration functionality allows bypassing of SSRF protections through DNS rebinding attacks. Malicious administrators could exploit this to access internal services that should be restricted. Version 9.2.0 contains a patch for the issue.
Title       |                | Kiteworks Core is vulnerable to Server-Side Request Forgery (SSRF)
Weaknesses  |                | CWE-350; CWE-918
References  |                |
Metrics     |                | cvssV3_1 {'score': 6.5, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N'}


Subscriptions

Accellion Kiteworks
Kiteworks Security-advisories
MITRE

Status: PUBLISHED

Assigner: GitHub_M

Published:

Updated: 2026-03-03T20:27:38.925Z

Reserved: 2026-02-26T01:52:58.733Z

Link: CVE-2026-28271

Vulnrichment

Updated: 2026-03-03T20:27:35.581Z

NVD

Status: Analyzed

Published: 2026-02-27T21:16:18.550

Modified: 2026-03-04T19:49:31.087

Link: CVE-2026-28271

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-04-18T17:45:06Z

Weaknesses