Unrated severityNVD Advisory· Published Mar 25, 2020· Updated Aug 4, 2024
CVE-2020-10791
CVE-2020-10791
Description
app/Plugin/GrafanaModule/Controller/GrafanaConfigurationController.php in openITCOCKPIT before 3.7.3 allows remote authenticated users to trigger outbound TCP requests (aka SSRF) via the Test Connection feature (aka testGrafanaConnection) of the Grafana Module.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- openITCOCKPIT/openITCOCKPITdescription
- Range: <3.7.3
Patches
Vulnerability mechanics
References
2- github.com/it-novum/openITCOCKPIT/commit/50722befae4cfedd0103f9b0ec2a7e22530b2385mitrex_refsource_MISC
- openitcockpit.io/2020/2020/03/23/openitcockpit-3-7-3-released/mitrex_refsource_CONFIRM
News mentions
0No linked articles in our index yet.