CyberSec.Space Logo
Back to CVE Browser

CVE-2019-18355

CRITICAL
9.8
CVSS Severity Score
EPSS Score0.1960%
EPSS Percentile26.09th
PublishedOct 23, 2019
Last ModifiedNov 21, 2024

Vulnerability Description

An SSRF issue was discovered in the legacy Web launcher in Thycotic Secret Server before 10.7.

Affected Platforms (CPE)

📦
Thycotic

Secret Server

< 10.7.000000

References & Advisories

🔗 https://thycotic.force.com/support/s/article/SS-RN-EXT-Secret-Server-10-7-000000-Legacy-Release-Notes
🔗 https://thycotic.force.com/support/s/article/SS-RN-EXT-Secret-Server-10-7-000000-Legacy-Release-Notes

Related Vulnerabilities

CVE-2008-115510.0

Cisco Network Admission Control (NAC) Appliance 3.5.x, 3.6.x before 3.6.4.4, 4.0.x before 4.0.6, and 4.1.x before 4.1.2 allows rem...

CVE-2021-409039.8

A vulnerability in Antminer Monitor 0.50.0 exists because of backdoor or misconfiguration inside a settings file in flask server. ...

CVE-2018-180069.8

Hardcoded credentials in the Ricoh myPrint application 2.9.2.4 for Windows and 2.2.7 for Android give access to any externally dis...

CVE-2019-46409.8

IBM Security Secret Server 10.7 processes patches, image backups and other updates without sufficiently verifying the origin and i...