CVE-2025-53473 | THREATINT

Description

Server-side request forgery (SSRF) vulnerability exists n multiple versions of Nimesa Backup and Recovery, If this vulnerability is exploited, unintended requests may be sent to internal servers.

PUBLISHED Reserved 2025-07-02 | Published 2025-07-07 | Updated 2025-07-07 | Assigner jpcert

HIGH: 7.3CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

MEDIUM: 6.9CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:L/SI:L/SA:L

Problem types

Server-side request forgery (SSRF)

Product status

prior to v3.0.2025062305

affected

v2.3

affected

v2.4

affected

References

aws.amazon.com/...le?id=08fb48d1-5d60-4feb-93c6-c0c219278a2c

jvn.jp/en/jp/JVN88251376/

cve.org (CVE-2025-53473)

nvd.nist.gov (CVE-2025-53473)

Download JSON