GCVE - cpe:2.3:a:tencent:blueking_configuration_management

Approved changes feed: RSS · Atom

cpe:2.3:a:tencent:blueking_configuration_management_database:*:*:*:*:*:*:*:*

part: a version: * update: *

Vendor	Tencent (`f719dbd4-b477-5cfc-82bb-cc1efc23c3ce`)
Product	Blueking Configuration Management Database (`1c75722d-ab2c-58ae-b95b-88e8a79ac44a`)
Edition	*
Language	*
Software edition	*
Target software	*
Target hardware	*
Other	*
Notes	Imported from purl2cpe mapping

PURL mappings

PURL	Source	Last updated
`pkg:github/tencentblueking/bk-cmdb`	purl2cpe	2026-06-01 10:17:57.130156
`pkg:golang/github.com/tencentblueking/bk-cmdb`	purl2cpe	2026-06-01 10:17:57.130159

Identifier	cpeApplicability	Submitted	db.gcve.eu details	Rationale
`CVE:CVE-2024-22873`	vulnerable	2026-06-03 14:55:01.477973	Details available Tencent Blueking CMDB v3.2.x to v3.9.x was discovered to contain a Server-Side Request Forgery (SSRF) via the event subscription function (/service/subscription.go). This vulnerability allows attackers to access internal requests via a crafted POST request. Published: 2024-02-26T00:00:00.000Z Updated: 2024-08-05T20:16:24.951Z Open on db.gcve.eu Reference links http://tencent.com http://blueking.com https://sphenoid-enquiry-9be.notion.site/BK-CMDB-SSRF-ba21e94f4976460188fa52d26c15a6ae?pvs=4 https://gist.github.com/exp1orer/0f190c6a64b668a9b1c4c47789affa09	Imported from gcve-enriched-dumps CVE data

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.