An SSRF issue was discovered in Reprise License Manager (RLM) web interface through 14.2BL4 that allows remote attackers to trigger outbound requests to intranet servers, conduct port scans via the actserver parameter in License Activation function.
                
            References
                    | Link | Resource | 
|---|---|
| http://reprise.com | Not Applicable | 
| http://reprisesoftware.com | Product | 
| https://github.com/blakduk/Advisories/blob/main/Reprise%20License%20Manager/README.md | Third Party Advisory | 
| http://reprise.com | Not Applicable | 
| http://reprisesoftware.com | Product | 
| https://github.com/blakduk/Advisories/blob/main/Reprise%20License%20Manager/README.md | Third Party Advisory | 
Configurations
                    History
                    No history.
Information
                Published : 2023-01-20 12:15
Updated : 2025-04-30 21:03
NVD link : CVE-2021-37498
Mitre link : CVE-2021-37498
CVE.ORG link : CVE-2021-37498
JSON object : View
Products Affected
                reprisesoftware
- reprise_license_manager
CWE
                
                    
                        
                        CWE-918
                        
            Server-Side Request Forgery (SSRF)
