Server-Side Request Forgery (SSRF) Vulnerability in Backup & Restore Functionality

Server-Side Request Forgery (SSRF) Vulnerability in Backup & Restore Functionality

CVE-2019-11897 · MEDIUM Severity

AV:N/AC:L/AU:N/C:P/I:N/A:N

A Server-Side Request Forgery (SSRF) vulnerability in the backup & restore functionality in earlier versions than ProSyst mBS SDK 8.2.6 and Bosch IoT Gateway Software 9.3.0 allows a remote attacker to forge GET requests to arbitrary URLs. In addition, this could potentially allow an attacker to read sensitive zip files from the local server.

Learn more about our Cis Benchmark Audit For Server Software.