VDB
CVE-2017-18638
CVE-2017-18638
PUBLISHED
send_email in graphite-web/webapp/graphite/composer/views.py in Graphite through 1.1.5 is vulnerable to SSRF. The vulnerable SSRF endpoint can be used by an attacker to have the Graphite web server request any resource. The response to this SSRF request is encoded into an image file and then sent to an e-mail address that can be supplied by the attacker. Thus, an attacker can exfiltrate any information.
EPSS 91.62% · 99.7th percentile
Risk Scores
EPSS Score
91.62%
99.7th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Ubuntu:Pro:16.04:LTS | graphite-web | 0.9.13+debian-1, 0.9.15+debian-1, 0 |
| Ubuntu:Pro:18.04:LTS | graphite-web | 0, 0.9.15+debian-2, 1.0.2+debian-2 |
| Ubuntu:Pro:14.04:LTS | graphite-web | 0.9.12+debian-2, 0.9.12+debian-3, * |
Exploit Intelligence
- https://blog.orange.tw/2017/07/how-i-chained-4-vulnerabilities-on.html#second-bug-internal-graphite-ssrf (nist-nvd)
- https://www.youtube.com/watch?v=ds4Gp4xoaeA (nist-nvd)
- https://github.com/graphite-project/graphite-web/security/advisories/GHSA-vfj6-275q-4pvm (circl)
- https://github.com/graphite-project/graphite-web/issues/2008 (circl)
- https://github.com/graphite-project/graphite-web/pull/2499 (circl)
- [debian-lts-announce] 20191021 [SECURITY] [DLA 1962-1] graphite-web security update (circl)
- Nuclei Template: CVE-2017-18638 (nuclei-template)
- Nuclei Template: CVE-2017-18638 (nuclei-template)
- Nuclei Template: CVE-2017-18638 (nuclei-template)
- Nuclei Template: CVE-2017-18638 (nuclei-template)
…and 5 more exploits
Timeline
- Oct 11, 2019 CVE Published
- Apr 14, 2021 EPSS Score
- Jul 5, 2021 CVE Updated
- Mar 7, 2023 EPSS Score
- Dec 17, 2024 EPSS Score
- Mar 3, 2025 EPSS Score
- Mar 17, 2025 EPSS Score
- Mar 19, 2025 EPSS Score
- Mar 20, 2025 EPSS Score
- Mar 21, 2025 EPSS Score
- Mar 22, 2025 EPSS Score
- Mar 23, 2025 EPSS Score
References
- https://ubuntu.com/security/CVE-2017-18638 third-party-advisory
- https://github.com/graphite-project/graphite-web/issues/2008 third-party-advisory
- https://github.com/graphite-project/graphite-web/pull/2499 third-party-advisory
- https://blog.orange.tw/2017/07/how-i-chained-4-vulnerabilities-on.html#second-bug-internal-graphite-ssrf third-party-advisory
- https://github.com/graphite-project/graphite-web/security/advisories/GHSA-vfj6-275q-4pvm third-party-advisory
- https://www.youtube.com/watch?v=ds4Gp4xoaeA third-party-advisory
- https://ubuntu.com/security/notices/USN-6243-1 vendor-advisory
- https://www.cve.org/CVERecord?id=CVE-2017-18638 third-party-advisory