Primary

Context

aEnrich Technology a+HRD Server-Side Request Forgery Vulnerability

Vulnerability

Patched

A server-side request forgery (SSRF) vulnerability has been identified in a+HRD versions 7.5 and earlier, developed by aEnrich Technology. This vulnerability allows unauthenticated remote attackers to probe internal networks, potentially leading to unauthorized access or information disclosure.

Impact

Exploitation of this vulnerability could allow remote attackers to access and probe internal network resources, potentially leading to further exploitation or information disclosure.

Remediation

Users are advised to upgrade to a+HRD version 6.8 or later and install the latest patches. For assistance, contact aEnrich customer service.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

1.3

exploitability

4.7

remediation

7.7

relevance

0.0

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

1.3

exploitability

4.7

remediation

7.7

relevance

0.0

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

aEnrich Technology a+HRD Server-Side Request Forgery Vulnerability

Vulnerability

Impact

Remediation

Affected Products

aEnrich Technology a+HRD

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating