CVE-2024-51980
BaseFortify
Publication date: 2025-06-25
Last updated on: 2025-06-26
Assigner: Rapid7, Inc.
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-918 | The web server receives a URL or similar request from an upstream component and retrieves the contents of this URL, but it does not sufficiently ensure that the request is being sent to the expected destination. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability is a server side request forgery (SSRF) that allows an unauthenticated attacker to make the target device open a TCP connection to any IP address and port. It exploits the WS-Addressing ReplyTo element in a SOAP request sent to a web service on HTTP TCP port 80. The attacker cannot control the data sent or receive data back, but can use this to scan internal network ports.
How can this vulnerability impact me? :
The vulnerability can be used by an attacker to perform TCP port scanning on internal networks, potentially revealing information about internal services and network structure. Although the attacker cannot send or receive data through the SSRF connection, this information gathering can aid further attacks or reconnaissance.