Primary

Context

ControlID iDSecure On-Premises Server-Side Request Forgery Vulnerability

Vulnerability

Patched

A Server-Side Request Forgery (SSRF) vulnerability has been identified in ControlID iDSecure On-premises versions 4.7.48.0 and prior. This vulnerability allows an unauthenticated attacker to retrieve information from other servers.

Impact

Exploitation of this vulnerability could lead to unauthorized information retrieval from other servers.

Remediation

ControlID has released version 4.7.50.0 for users to update to. For more information, contact ControlID.

Added: Jun 24, 2025, 8:39 PM

Updated: Jun 24, 2025, 8:39 PM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

0.2

exploitability

4.7

remediation

7.9

relevance

0.2

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

0.2

exploitability

4.7

remediation

7.9

relevance

0.2

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

ControlID iDSecure On-Premises Server-Side Request Forgery Vulnerability

Vulnerability

Impact

Remediation

Affected Products

ControlID iDSecure On-premises

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating