CVE Catalog

CVE-2024-55399

MediumCVSS 6.5
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.24%

15th percentile - higher than 15% of all known CVEs

Summary

A Server-Side Request Forgery (SSRF) vulnerability was discovered in 4C Strategies Exonaut prior to version 21.6.2.1-1. This allows an attacker to send requests from the server to internal network resources.

Risk Assessment

The risk involves potential scanning of internal networks, access to sensitive data or services that should not be externally accessible, potentially leading to attack escalation.

Recommendation

It is recommended to immediately upgrade 4C Strategies Exonaut to version 21.6.2.1-1 or later, which includes a fix for the SSRF vulnerability.

Original NVD description (English source)

4C Strategies Exonaut before v21.6.2.1-1 was discovered to contain a Server-Side Request Forgery (SSRF).

Vulnerability data from NVD (NIST) · CISA KEV · EPSS