First published: Mon Aug 07 2017
The external_request API call in App Studio (millicore) allows server-side request forgery (SSRF). An attacker could use this flaw to probe internal network resources and access restricted endpoints.
Credit: secalert@redhat.com
Affected Software | Affected Version | How to fix |
---|---|---|
Red Hat Mobile Application Platform | <=4.4.3 | |
The severity of CVE-2017-7553 is rated as medium with a score of 6.3.
To fix CVE-2017-7553, update to a version of Red Hat Mobile Application Platform that is higher than 4.4.3.
CVE-2017-7553 is a server-side request forgery (SSRF) vulnerability in the external_request API call of App Studio.
Attackers can use CVE-2017-7553 to probe internal network resources and access restricted endpoints.
CVE-2017-7553 affects Red Hat Mobile Application Platform versions up to and including 4.4.3.