{"dataType":"CVE_RECORD","dataVersion":"5.2","cveMetadata":{"cveId":"CVE-2021-47703","assignerOrgId":"83251b91-4cc7-4094-a5c7-464a1b83ea10","state":"PUBLISHED","assignerShortName":"VulnCheck","dateReserved":"2025-12-05T19:10:29.045Z","datePublished":"2025-12-09T20:36:20.265Z","dateUpdated":"2026-04-07T14:05:31.524Z"},"containers":{"cna":{"affected":[{"defaultStatus":"unaffected","product":"OpenBMCS","vendor":"OPEN BMCS","versions":[{"status":"affected","version":"2.4"}]}],"credits":[{"lang":"en","type":"finder","value":"LiquidWorm as Gjoko Krstic of Zero Science Lab"}],"descriptions":[{"lang":"en","supportingMedia":[{"base64":false,"type":"text/html","value":"<p>OpenBMCS 2.4 contains an unauthenticated SSRF vulnerability that allows attackers to bypass firewalls and initiate service and network enumeration on the internal network through the affected application, allowing hijacking of current sessions. Attackers can specify an external domain in the 'ip' parameter to force the application to make an HTTP request to an arbitrary destination host.</p>"}],"value":"OpenBMCS 2.4 contains an unauthenticated SSRF vulnerability that allows attackers to bypass firewalls and initiate service and network enumeration on the internal network through the affected application, allowing hijacking of current sessions. Attackers can specify an external domain in the 'ip' parameter to force the application to make an HTTP request to an arbitrary destination host."}],"metrics":[{"cvssV4_0":{"Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","Safety":"NOT_DEFINED","attackComplexity":"LOW","attackRequirements":"NONE","attackVector":"NETWORK","baseScore":6.9,"baseSeverity":"MEDIUM","exploitMaturity":"NOT_DEFINED","privilegesRequired":"NONE","providerUrgency":"NOT_DEFINED","subAvailabilityImpact":"LOW","subConfidentialityImpact":"LOW","subIntegrityImpact":"LOW","userInteraction":"NONE","valueDensity":"NOT_DEFINED","vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:L/SI:L/SA:L","version":"4.0","vulnAvailabilityImpact":"NONE","vulnConfidentialityImpact":"NONE","vulnIntegrityImpact":"LOW","vulnerabilityResponseEffort":"NOT_DEFINED"},"format":"CVSS","scenarios":[{"lang":"en","value":"GENERAL"}]}],"problemTypes":[{"descriptions":[{"cweId":"CWE-918","description":"CWE-918: Server-Side Request Forgery (SSRF)","lang":"en","type":"CWE"}]}],"providerMetadata":{"orgId":"83251b91-4cc7-4094-a5c7-464a1b83ea10","shortName":"VulnCheck","dateUpdated":"2026-04-07T14:05:31.524Z"},"references":[{"name":"ExploitDB-50670","tags":["exploit"],"url":"https://www.exploit-db.com/exploits/50670"},{"name":"Official Product Homepage","tags":["product"],"url":"https://www.openbmcs.com"},{"name":"Zero Science Lab Disclosure (ZSL-2022-5694)","tags":["third-party-advisory"],"url":"https://www.zeroscience.mk/en/vulnerabilities/ZSL-2022-5694.php"},{"name":"VulnCheck Advisory: OpenBMCS Server Side Request Forgery (SSRF) via /php/query.php","tags":["third-party-advisory"],"url":"https://www.vulncheck.com/advisories/openbmcs-server-side-request-forgery-ssrf-via-phpqueryphp"}],"source":{"discovery":"UNKNOWN"},"title":"OpenBMCS Server Side Request Forgery (SSRF) via /php/query.php","x_generator":{"engine":"vulncheck"},"datePublic":"2022-01-18T00:00:00.000Z"},"adp":[{"metrics":[{"other":{"type":"ssvc","content":{"timestamp":"2025-12-09T21:32:51.414136Z","id":"CVE-2021-47703","options":[{"Exploitation":"poc"},{"Automatable":"no"},{"Technical Impact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}}],"title":"CISA ADP Vulnrichment","providerMetadata":{"orgId":"134c704f-9b21-4f2e-91b3-4a467353bcc0","shortName":"CISA-ADP","dateUpdated":"2025-12-09T21:33:01.529Z"}}]}}