Unrated severityNVD Advisory· Published Oct 18, 2022· Updated May 9, 2025

Changing Information Technology Inc. RAVA certificate validation system - Server-Side Request Forgery (SSRF)

CVE-2022-39055

Description

RAVA certificate validation system has inadequate filtering for URL parameter. An unauthenticated remote attacker can perform SSRF attack to discover internal network topology base on query response.

Affected products

Changing Information Technology Inc./Rava Certificate Validation Systemv5
Range: 3

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.twcert.org.tw/tw/cp-132-6616-9092f-1.htmlmitre

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000