Nimesa Backup and Recovery Server-Side Request Forgery Vulnerability

Vulnerability

A server-side request forgery (SSRF) vulnerability has been identified in Nimesa Backup and Recovery for AWS, specifically in versions prior to 3.0.2025062305, as well as in versions 2.3 and 2.4. This vulnerability allows unintended requests to be sent to internal servers.

Impact

Exploitation of this vulnerability could lead to unauthorized requests being made to internal servers, potentially allowing for further attacks or information disclosure.

Remediation

Users are advised to update Nimesa Backup and Recovery to the latest version. The latest version can be found on the AWS Marketplace.

Added: Jul 7, 2025, 5:20 AM
Updated: Jul 7, 2025, 5:20 AM

Vulnerability Rating

Custom Algorithm

spread: 0.0
impact: 1.3
exploitability: 7.4
remediation: 7.7
relevance: 0.2
threat: 0.0
urgency: 2.9
incentive: 5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.