Guardsix ODBC Enrichment Plugins Logic Flaw Leading to SSRF Vulnerability

Vulnerability

A logic flaw in Guardsix ODBC Enrichment Plugins, prior to version 5.2.1, allowed stored database credentials to be improperly reused when editing an existing Enrichment Source. When connection parameters such as Host, IP address, or Port were changed, the previously stored credentials remained attached to the source. This flaw enabled an authenticated Operator user to redirect database connections to unintended internal systems, potentially misusing valid stored credentials.
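The credential-reuse pattern described above, shown next to a hardened edit handler, as an added example that is not Guardsix code. The `EnrichmentSource` model, the form field names and the function names are hypothetical, and the sample values are constructed.

```python
from dataclasses import dataclass, replace


@dataclass(frozen=True)
class EnrichmentSource:
    """Hypothetical model of a saved enrichment source (not the product's schema)."""
    name: str
    host: str
    port: int
    username: str
    password: str  # stored secret, never echoed back to the editing user


class CredentialReentryRequired(Exception):
    """Destination changed but no fresh password was submitted."""


def apply_edit_flawed(saved, form):
    """Flawed pattern: a blank password always falls back to the stored one."""
    return replace(
        saved,
        host=form.get("host", saved.host),
        port=int(form.get("port", saved.port)),
        password=form.get("password") or saved.password,
    )


def apply_edit_hardened(saved, form):
    """Reuse the stored password only when host and port are unchanged."""
    host = form.get("host", saved.host).strip().lower()
    port = int(form.get("port", saved.port))
    moved = (host, port) != (saved.host.strip().lower(), saved.port)
    password = form.get("password") or None
    if moved and password is None:
        raise CredentialReentryRequired(
            f"destination of {saved.name!r} changed; password must be re-entered"
        )
    return replace(saved, host=host, port=port, password=password or saved.password)


# Constructed sample data: a saved source and an edit that changes only the host.
SAVED = EnrichmentSource("assets-db", "db1.example.internal", 1433, "svc_enrich", "stored-secret")
EDIT_HOST_ONLY = {"host": "other.example.internal", "port": "1433", "password": ""}
```

The same binding should be enforced server-side on every save and test-connection path, since a check that exists only in the edit form can be bypassed by calling the API directly.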

Impact

Exploitation of this vulnerability could lead to Server-Side Request Forgery (SSRF), allowing an attacker to manipulate server requests and potentially access internal systems or services.

Remediation

Users are advised to upgrade to Guardsix Logpoint version 7.9.0 and ODBC version 5.2.1.

Added: Apr 22, 2026, 4:08 PM
Updated: Apr 22, 2026, 4:08 PM

Vulnerability Rating

Custom Algorithm

spread: 0.0
impact: 0.6
exploitability: 4.7
remediation: 0.0
relevance: 6.5
threat: 0.0
urgency: 2.9
incentive: 0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.