CVE-2024-39713

HIGH

CVSS v3

8.6

HIGH

EPSS Score

89.3%

exploit probability

CISA KEV

No

known exploited

Exploitation

SSVC status

Description

A Server-Side Request Forgery (SSRF) affects Rocket.Chat's Twilio webhook endpoint before version 6.10.1.

Technical Details

Published
8/5/2024

Frequently Asked Questions

What is CVE-2024-39713?

A Server-Side Request Forgery (SSRF) affects Rocket.Chat's Twilio webhook endpoint before version 6.10.1.

Is CVE-2024-39713 actively exploited?

Active exploitation of CVE-2024-39713 has not been confirmed. The EPSS score is 89.3%, indicating the estimated probability of exploitation in the next 30 days.

What is the CVSS score for CVE-2024-39713?

CVE-2024-39713 has a CVSS v3 base score of 8.6 (HIGH severity).

Is CVE-2024-39713 affecting your environment?

Use isMalicious to check if any of your IPs or domains are associated with this vulnerability's IOCs.