CVE-2017-18638
Summary
| Field | Value |
|---|---|
| CVE | CVE-2017-18638 |
| State | PUBLIC |
| Assigner | [email protected] |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2019-10-11 23:15:00 UTC |
| Updated | 2019-10-21 16:15:00 UTC |
| Description | send_email in graphite-web/webapp/graphite/composer/views.py in Graphite through 1.1.5 is vulnerable to SSRF. The vulnerable SSRF endpoint can be used by an attacker to have the Graphite web server request any resource. The response to this SSRF request is encoded into an image file and then sent to an e-mail address that can be supplied by the attacker. Thus, an attacker can exfiltrate any information. |
NVD Known Affected Configurations (CPE 2.3)
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| Removing function 'send_email' by deniszh · Pull Request #2499 · graphite-project/graphite-web · GitHub | MISC | github.com | Third Party Advisory |
| - YouTube | MISC | www.youtube.com | Exploit, Third Party Advisory |
| graphite.composer.views.send_email vulnerable to SSRF · Advisory · graphite-project/graphite-web · GitHub | MISC | github.com | Broken Link |
| [SECURITY] [DLA 1962-1] graphite-web security update | MLIST | lists.debian.org | |
| Orange: How I Chained 4 vulnerabilities on GitHub Enterprise, From SSRF Execution Chain to RCE! | MISC | blog.orange.tw | Exploit, Mitigation, Third Party Advisory |
| graphite.composer.views.send_email vulnerable to SSRF · Issue #2008 · graphite-project/graphite-web · GitHub | MISC | github.com | Third Party Advisory |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
Legacy QID Mappings
- 199602 Ubuntu Security Notification for Graphite-Web Vulnerabilities (USN-6243-1)
- 981482 Python (pip) Security Update for graphite-web (GHSA-vfj6-275q-4pvm)