CVE-2020-21122: Server-Side Request Forgery in UReport
CVSS Score (v3.1): 5.3
Basic Information
CVE ID: CVE-2020-21122
GHSA ID:
EPSS Score: 0.45505%
CWE:
Published: 9/20/2021
Updated: 2/1/2023
KEV Status: No
Technology: Java
Technical Details
CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
| Package Name | Ecosystem | Vulnerable Versions | First Patched Version |
|---|---|---|---|
| com.bstek.ureport:ureport2-console | maven | <= 2.2.9 | |
Vulnerability Intelligence
Miggo AI
Root Cause Analysis
The vulnerability manifests in the designer page's connection handling functionality. The description explicitly mentions unauthorized SSRF through intranet port detection, which typically occurs when:

1) User-controlled input (host/port) is used to initiate network connections
2) No authentication checks protect the endpoint
3) No allowlist validation restricts target destinations

The database connection failure response pattern mentioned in the GitHub issue suggests the vulnerable function is related to database connection testing features in the designer interface. While exact method names aren't provided, UReport's architecture would logically place this functionality in the DesignerController class handling designer page requests.