Description

Openfire is a Jabber server maintained by Ignite Realtime. It is a cross-platform Java application aimed at medium-sized organisations that want to control internal communications and make instant messaging easier.

Openfire Admin Console versions before 4.4.3 contain a full-read server-side request forgery (SSRF) vulnerability in the FaviconServlet. It allows an unauthenticated attacker to send arbitrary HTTP GET requests to hosts on the internal network and read the responses.
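The defensive counterpart, added here as an illustrative example and not Openfire's own code: a hypothetical favicon fetcher that refuses non-public destinations, disables redirects, and never relays a non-image body, which removes the three properties the advisory describes (reach into the internal network, arbitrary GET, full read of the response). The class and method names are assumptions.

```java
import java.io.IOException;
import java.io.InputStream;
import java.net.HttpURLConnection;
import java.net.Inet6Address;
import java.net.InetAddress;
import java.net.URL;

/** Hypothetical hardened favicon fetcher (illustrative; not Openfire's FaviconServlet). */
public final class SafeFaviconFetcher {
    private static final int MAX_BYTES = 64 * 1024;  // favicons are small; bound what we read
    /** Only public, routable addresses may be contacted on a caller's behalf. */
    static boolean isPublicAddress(InetAddress addr) {
        boolean ipv6Ula = addr instanceof Inet6Address && (addr.getAddress()[0] & 0xfe) == 0xfc;
        return !(addr.isAnyLocalAddress()      // 0.0.0.0, ::
              || addr.isLoopbackAddress()      // 127.0.0.0/8, ::1
              || addr.isLinkLocalAddress()     // 169.254.0.0/16 (cloud metadata), fe80::/10
              || addr.isSiteLocalAddress()     // 10/8, 172.16/12, 192.168/16, fec0::/10
              || addr.isMulticastAddress()
              || ipv6Ula);                     // fc00::/7, which isSiteLocalAddress() misses
    }
    /** Validate the host name and every address it resolves to before any request is sent. */
    static void checkDestination(String host) throws IOException {
        if (host == null || !host.matches("[A-Za-z0-9][A-Za-z0-9.-]{0,252}")) {
            throw new IOException("rejected host name");
        }
        for (InetAddress addr : InetAddress.getAllByName(host)) {
            if (!isPublicAddress(addr)) throw new IOException("destination not allowed: " + addr);
        }
        // Caveat: the HTTP client resolves the name again, so a DNS-rebinding window remains;
        // production code should pin the checked address (custom resolver or egress proxy).
    }
    /** GET http://host/favicon.ico; the calling servlet must still require an admin session. */
    static byte[] fetchFavicon(String host) throws IOException {
        checkDestination(host);
        HttpURLConnection conn = (HttpURLConnection) new URL("http", host, "/favicon.ico").openConnection();
        conn.setInstanceFollowRedirects(false);  // a 302 to an internal address must not be followed
        conn.setConnectTimeout(3000);            // milliseconds; a slow internal host must not hang us
        conn.setReadTimeout(3000);
        String type = conn.getContentType();
        if (conn.getResponseCode() != 200 || type == null || !type.startsWith("image/")) {
            throw new IOException("not a favicon");  // never relay a non-image body to the caller
        }
        try (InputStream in = conn.getInputStream()) {
            byte[] body = in.readNBytes(MAX_BYTES + 1);  // Java 11+: bounded read
            if (body.length > MAX_BYTES) throw new IOException("favicon too large");
            return body;
        }
    }
}
```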

Remediation

Upgrade to the latest version of Openfire (this issue was fixed in version 4.4.3).
