{"id":"CVE-2019-7652","details":"TheHive Project UnshortenLink analyzer before 1.1, included in Cortex-Analyzers before 1.15.2, has SSRF. To exploit the vulnerability, an attacker must create a new analysis, select URL for Data Type, and provide an SSRF payload like \"http://127.0.0.1:22\" in the Data parameter. The result can be seen in the main dashboard. Thus, it is possible to do port scans on localhost and intranet hosts.","modified":"2026-04-11T20:27:13.994151Z","published":"2019-05-09T21:29:07.720Z","references":[{"type":"ADVISORY","url":"http://packetstormsecurity.com/files/152804/TheHive-Project-Cortex-2.1.3-Server-Side-Request-Forgery.html"},{"type":"ADVISORY","url":"https://blog.thehive-project.org/2019/02/11/unshortenlink-ssrf-and-cortex-analyzers-1-15-2/"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/thehive-project/cortex-analyzers","events":[{"introduced":"0"},{"fixed":"a6e2c1a3d61fd682808ce717419243531f253f54"}],"database_specific":{"cpe":"cpe:2.3:a:thehive-project:cortex-analyzers:*:*:*:*:*:*:*:*","source":"CPE_FIELD","extracted_events":[{"introduced":"0"},{"fixed":"1.15.2"}]}}],"versions":["1.0.0","1.10.0","1.10.2","1.10.3","1.10.4","1.11.0","1.12.0","1.13.0","1.13.1","1.13.2","1.14.0","1.14.1","1.14.2","1.14.3","1.14.4","1.15.1","1.4.0","1.4.1","1.4.2","1.4.4","1.5.0","1.5.1","1.6.1","1.6.2","1.6.3","1.6.4","1.6.5","1.7.0","1.7.1","1.8.0","1.8.1","1.8.3","1.9.0","1.9.2","1.9.3","1.9.5","1.9.6","1.9.7"],"database_specific":{"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2019-7652.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N"}]}