TheHive Project Cortex 2.1.3 Server Side Request Forgery

2019.05.13

Credit: Alexandre Basquin

Risk: Medium

Local: No

Remote: Yes

CVE: CVE-2019-7652

CWE: CWE-918

Ogólna skala CVSS: 4/10

Znaczenie: 2.9/10

Łatwość wykorzystania: 8/10

Wymagany dostęp: Zdalny

Złożoność ataku: Niska

Autoryzacja: Jednorazowa

Wpływ na poufność: Częściowy

Wpływ na integralność: Brak

Wpływ na dostępność: Brak

# Exploit Title: SSRF in TheHive Project Cortex <= 2.1.3
# Date: 2/26/2019
# Exploit Author: Alexandre Basquin
# Vendor Homepage: https://blog.thehive-project.org
# Software Link: https://github.com/TheHive-Project/Cortex
# Version: Cortex <= 2.1.3
# Tested on: 2.1.3
# CVE : CVE-2019-7652
# Exploit description
TheHive Project Cortex version <= 2.1.3 is vulnerable to a SSRF vulnerability in the "UnshortenLink_1_0" analyzer.
References:
https://blog.thehive-project.org/2019/02/11/unshortenlink-ssrf-and-cortex-analyzers-1-15-2/
POC:
1. Create a new analysis
2. Select Data Type "URL"
3. Put your SSRF payload in the Data parameter (e.g. "http://127.0.0.1:22")
4. Result can be seen in the main dashboard.
Reported to TheHive Project by Alexandre Basquin on 1/24/2019

See this note in RAW Version

Vote for this issue:

100%

Thanks for you vote!

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.

Nick (*)

Email (*)

Video

Text (*)

(*) - required fields.

{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1

{{ x.comment }}

TheHive Project Cortex 2.1.3 Server Side Request Forgery

Thanks for you vote!

Thanks for you comment!Your message is in quarantine 48 hours.

Thanks for you comment!
Your message is in quarantine 48 hours.