Digital Guardian Management Console 7.1.2.0015 has an SSRF issue that allows remote attackers to read arbitrary files via file:// URLs, send TCP traffic to intranet hosts, or obtain an NTLM hash. This can occur even if the logged-in user has a read-only role.
                
            References
                    | Link | Resource | 
|---|---|
| http://packetstormsecurity.com/files/147260/Digital-Guardian-Management-Console-7.1.2.0015-Server-Side-Request-Forgery.html | Third Party Advisory VDB Entry | 
| http://packetstormsecurity.com/files/147260/Digital-Guardian-Management-Console-7.1.2.0015-Server-Side-Request-Forgery.html | Third Party Advisory VDB Entry | 
Configurations
                    History
                    No history.
Information
                Published : 2018-04-20 21:29
Updated : 2024-11-21 03:40
NVD link : CVE-2018-10174
Mitre link : CVE-2018-10174
CVE.ORG link : CVE-2018-10174
JSON object : View
Products Affected
                digitalguardian
- management_console
CWE
                
                    
                        
                        CWE-918
                        
            Server-Side Request Forgery (SSRF)
