CVE-2017-7553
First published: Mon Aug 07 2017(Updated: )
The external_request api call in App Studio (millicore) allows server side request forgery (SSRF). An attacker could use this flaw to probe the network internal resources, and access restricted endpoints.
Credit: secalert@redhat.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Redhat Mobile Application Platform | <=4.4.3 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2017-7553?
The severity of CVE-2017-7553 is rated as medium with a score of 6.3.
How do I fix CVE-2017-7553?
To fix CVE-2017-7553, update to a version of Redhat Mobile Application Platform that is higher than 4.4.3.
What does CVE-2017-7553 exploit?
CVE-2017-7553 exploits a server side request forgery (SSRF) vulnerability in the external_request API call of App Studio.
What can attackers do with CVE-2017-7553?
Attackers can use CVE-2017-7553 to probe internal network resources and access restricted endpoints.
Which software is affected by CVE-2017-7553?
CVE-2017-7553 affects the Redhat Mobile Application Platform versions up to and including 4.4.3.
- collector/redhat-bugzilla
- alias/CVE-2017-7553
- collector/nvd-index
- vendor/redhat
- product/mobile application platform
- canonical/redhat mobile application platform