Tencent Blueking CMDB v3.2.x to v3.9.x was discovered to contain a Server-Side Request Forgery (SSRF) via the event subscription function (/service/subscription.go). This vulnerability allows attackers to access internal requests via a crafted POST request.
Metrics
Affected Vendors & Products
References
History
Tue, 07 Jul 2026 02:30:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| First Time appeared |
Tencent cmdb
|
|
| CPEs | cpe:2.3:a:tencent:cmdb:3.2.0:*:*:*:*:*:*:* | |
| Vendors & Products |
Tencent cmdb
|
|
| Metrics |
ssvc
|
Mon, 09 Jun 2025 17:30:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| First Time appeared |
Tencent blueking Configuration Management Database
|
|
| CPEs | cpe:2.3:a:tencent:blueking_configuration_management_database:*:*:*:*:*:*:*:* | |
| Vendors & Products |
Tencent blueking Cmdb
|
Tencent blueking Configuration Management Database
|
Fri, 25 Apr 2025 19:30:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| First Time appeared |
Tencent
Tencent blueking Cmdb |
|
| CPEs | cpe:2.3:a:tencent:blueking_cmdb:*:*:*:*:*:*:*:* | |
| Vendors & Products |
Tencent
Tencent blueking Cmdb |
Status: PUBLISHED
Assigner: mitre
Published:
Updated: 2026-07-09T00:29:47.526Z
Reserved: 2024-01-11T00:00:00.000Z
Link: CVE-2024-22873
Updated: 2026-07-09T00:29:47.526Z
Status : Analyzed
Published: 2024-02-26T16:27:56.733
Modified: 2026-06-17T07:11:51.287
Link: CVE-2024-22873
No data.
OpenCVE Enrichment
No data.