cvedb.io
CVE-2024-22873
HIGH · CVSS 8.1
EPSS exploitation probability: 0%
Published 2024-02-26T16:27:56.733 · Last modified 2026-07-09T01:18:50.650

Summary

Tencent Blueking CMDB v3.2.x to v3.9.x was discovered to contain a Server-Side Request Forgery (SSRF) via the event subscription function (/service/subscription.go). This vulnerability allows attackers to access internal requests via a crafted POST request.

Affected products

tencent — blueking_configuration_management_database

Does this affect you?

Add your gear to cvedb and we'll alert you only when tencent ships something exploited.

Check my exposure →

References

This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.