CVE-2019-9827 — Vulnetix

CVE-2019-9827 PUBLISHED

Reported by mitre · Published July 3, 2019

Hawt Hawtio through 2.5.0 is vulnerable to SSRF, allowing a remote attacker to trigger an HTTP request from an affected server to an arbitrary host via the initial /proxy/ substring of a URI.

Affected Products

Vendor	Product	Versions
n/a	n/a	n/a
n/a	n/a	n/a, n/a
Maven	io.hawt:hawtio-core	0, 0

Exploit Intelligence

https://www.ciphertechs.com/hawtio-advisory/ (nist-nvd)
Hawtio 2.5.0 Server Side Request Forgery Vulnerability (0day-today)

Timeline

Jul 3, 2019 CVE Published
Jul 3, 2019 PoC Published
Jul 10, 2019 CVE Updated
Apr 14, 2021 EPSS Score
Jun 23, 2021 EPSS Score
Oct 26, 2021 EPSS Score
Dec 27, 2021 EPSS Score
Feb 4, 2022 EPSS Score
Feb 28, 2022 EPSS Score
May 1, 2022 EPSS Score
Jul 3, 2022 EPSS Score
Nov 6, 2022 EPSS Score

References

x_refsource_MISC
https://nvd.nist.gov/vuln/detail/CVE-2019-9827 advisory

Open in Interactive Console →