CVE-2025-48739 MEDIUM

CVE-2025-48739

Vendor Strangebee
Product TheHive
Weakness CWE-918 · SSRF
Published May 23, 2025
Last update May 23, 2025
View on NVD All CVEs

CVSS base score

4.6/10
Attack vector Network
Attack complexity Low
Privileges required High
User interaction
Confidentiality
Integrity

CVSS vector

CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:A/VC:L/VI:N/VA:N/SC:L/SI:L/SA:L

What the vulnerability does

01Description

A Server-Side Request Forgery (SSRF) vulnerability in StrangeBee TheHive 5.2.0 before 5.2.16, 5.3.0 before 5.3.11, 5.4.0 before 5.4.10, and 5.5.0 before 5.5.1 allows remote authenticated attackers with admin permissions (allowing them to access specific API endpoints) to manipulate URLs to direct requests to unexpected hosts or ports. This allows the attacker to use a TheHive server as a proxy to reach internal or otherwise restricted resources. This could be exploited to access other servers on the internal network.

Key dates

02Disclosure timeline

May 23, 2025 CVE published
May 23, 2025 Record updated

Related vulnerabilities

04Related CVE

CVE-2025-68477 Langflow vulnerable to Server-Side Request Forgery CVE-2025-8013 Quttera Web Malware Scanner <= 3.5.1.41 - Authenticated (Administrator+) Server-Side Request Forgery CVE-2025-13588 lKinderBueno Streamity Xtream IPTV Player proxy.php server-side request forgery CVE-2022-39055 Changing Information Technology Inc. RAVA certificate validation system - Server-Side Request Forgery (SSRF) CVE-2022-23464 Potential Server Side Request Forgery (SSRF) in Nepxion Discovery