Back to search
CVE-2021-20788
Published: Jul 28, 2021
Modified: Aug 3, 2024
PUBLISHED
Description
Server-side request forgery (SSRF) vulnerability in GroupSession (GroupSession Free edition from ver2.2.0 to the version prior to ver5.1.0, GroupSession byCloud from ver3.0.3 to the version prior to ver5.1.0, and GroupSession ZION from ver3.0.3 to the version prior to ver5.1.0) allows a remote authenticated attacker to conduct a port scan from the product and/or obtain information from the internal Web server.
| Vendor | Product | Versions |
|---|---|---|
Japan Total System Co.,Ltd. | GroupSession | affected GroupSession Free edition from ver2.2.0 to the version prior to ver5.1.0, GroupSession byCloud from ver3.0.3 to the version prior to ver5.1.0, and GroupSession ZION from ver3.0.3 to the version prior to ver5.1.0 |
References
https://groupsession.jp/info/info-news/security202107
x_refsource_MISC
https://jvn.jp/en/jp/JVN86026700/index.html
x_refsource_MISC
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now