An issue in the Elasticsearch plugin of Appsmith v1.7.11 allows attackers to connect disallowed hosts to the AWS/GCP internal metadata endpoint.
Metrics
Affected Vendors & Products
References
Link | Providers |
---|---|
https://github.com/appsmithorg/appsmith/pull/15834 |
![]() ![]() |
History
No history.

Status: PUBLISHED
Assigner: mitre
Published:
Updated: 2024-08-03T10:54:02.328Z
Reserved: 2022-08-15T00:00:00
Link: CVE-2022-38299

No data.

Status : Modified
Published: 2022-09-12T22:15:08.697
Modified: 2024-11-21T07:16:12.530
Link: CVE-2022-38299

No data.