Severity by source

CVSS vector (NVD): CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Primary rating from NVD · only source for this CVE.
Description (CVE.org)
A vulnerability was determined in indrasishbanerjee aem-mcp-server up to b5f833aef9b5dfd17a5991b3b18a8a11edbdc583. This impacts the function getAssetMetadata of the file src/mcp-server.ts of the component Axios Request Flow. Executing a manipulation of the argument assetPath can lead to server-side request forgery. The attack can be launched remotely. The exploit has been publicly disclosed and may be utilized. This product does not use versioning. This is why information about affected and unaffected releases is unavailable. The project was informed of the problem early through an issue report but has not responded yet.
Analysis (AI)
Server-side request forgery in indrasishbanerjee aem-mcp-server allows authenticated remote attackers with low privileges to manipulate the assetPath argument of the getAssetMetadata function, causing the server's Axios HTTP client to issue arbitrary outbound requests. All code up to commit b5f833aef9b5dfd17a5991b3b18a8a11edbdc583 is affected; the project uses no versioning scheme, making version-based scoping impossible. …
Attack Chain (AI derived): hypothetical attack flow derived from CVE metadata (visualization not reproduced here).
Vulnerability Assessment (AI)
| Aspect | Assessment |
|---|---|
| Exploitation | Exploitation requires a valid, low-privilege authenticated session on the aem-mcp-server MCP endpoint (CVSS PR:L); unauthenticated exploitation is not indicated by available data. … |
| Risk Assessment | The CVSS 4.0 score of 2.1 reflects a genuinely low-severity outcome: while the attack vector is network-based (AV:N) with low complexity (AC:L) and no attack requirements beyond low-privilege authentication (PR:L), all three impact dimensions on the vulnerable system are rated Low (VC:L/VI:L/VA:L), and there is no scope change to subsequent systems (SC:N/SI:N/SA:N). … |
| Exploit Scenario | An authenticated user with low-level access to the aem-mcp-server MCP endpoint crafts a request to the getAssetMetadata function, supplying a malicious assetPath value such as an internal cloud metadata URL or an internal service address. The Axios HTTP client issues the request on behalf of the server, returning response data to the attacker and potentially exposing credentials, internal service responses, or infrastructure topology. … |
| Remediation | No vendor-released patch has been identified at time of analysis; the project maintainer had not responded to the disclosure as of the reporting date. … |
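The remediation and exploit-scenario rows above describe the core defensive control: a user-supplied assetPath must never be allowed to redirect the server's Axios request to a host other than the configured AEM instance. The validator below is an added example written for this page, not code from the aem-mcp-server project; it assumes a single trusted AEM origin (AEM_BASE, a constructed value) and that assets live under the conventional AEM DAM root /content/dam/, and the function names are hypothetical.

```typescript
// Added example (not the project's code): allow-list validation for a
// user-controlled AEM asset path before it is used to build the URL that
// an Axios call will fetch. Assumptions: AEM_BASE is the only host the
// server may contact, and all assets sit under /content/dam/.

const AEM_BASE = "https://aem.example.internal"; // constructed value

// Accept only a rooted AEM DAM path made of slash-separated segments of
// plain characters. No scheme, no "//host", no query, fragment, "@", ":"
// or percent-encoding can pass this pattern.
const SAFE_ASSET_PATH = /^\/content\/dam(\/[A-Za-z0-9._-]+)+$/;

export function isSafeAssetPath(assetPath: string): boolean {
  if (!SAFE_ASSET_PATH.test(assetPath)) return false;
  // The character class admits dots, so reject "." and ".." segments
  // explicitly to rule out traversal out of the DAM subtree.
  return assetPath.split("/").every((seg) => seg !== "." && seg !== "..");
}

// Returns the metadata URL that getAssetMetadata may fetch, or null when
// the input must be refused. Resolving against AEM_BASE and then checking
// the resulting origin is a second, independent guard: even if the path
// check were loosened later, an input that re-targets the request to
// another host would still be caught here.
export function buildAssetMetadataUrl(assetPath: string): string | null {
  if (!isSafeAssetPath(assetPath)) return null;
  const url = new URL(assetPath + ".json", AEM_BASE);
  if (url.origin !== new URL(AEM_BASE).origin) return null;
  return url.toString();
}
```

Only a non-null return value should ever reach `axios.get`; a null result is an input to reject and log, since it indicates an attempt to steer the server's outbound request.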
External POC / Exploit Code
EUVD-2026-33670
GHSA-4mj2-2x8x-85xv