SSRF Vulnerability in Reprise License Manager (RLM) Web Interface Allows Remote Attackers to Trigger Outbound Requests

SSRF Vulnerability in Reprise License Manager (RLM) Web Interface Allows Remote Attackers to Trigger Outbound Requests

CVE-2021-37498 · MEDIUM Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N

An SSRF issue was discovered in Reprise License Manager (RLM) web interface through 14.2BL4 that allows remote attackers to trigger outbound requests to intranet servers, conduct port scans via the actserver parameter in License Activation function.

Learn more about our Web App Pen Testing.