Severity by source
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:H/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:H/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Lifecycle Timeline
4DescriptionCVE.org
A server-side request forgery (SSRF) vulnerability exists in a GraphQL service component shared by Altium Enterprise Server and Altium 365. An authenticated user can submit a request whose input is treated as a URL by the server and used to issue an outbound HTTP GET request without URL validation or destination filtering. The response body is then returned to the user.
This allows an authenticated attacker to reach internal services and metadata endpoints that would not otherwise be accessible from the public network, and to retrieve their contents. The impact is information disclosure and internal infrastructure reconnaissance; the request primitive is limited to HTTP GET with no custom headers. Altium Enterprise Server is fixed in 8.1.1; the issue has been remediated in Altium 365 at the service level.
AnalysisAI
Server-side request forgery in the shared GraphQL service of Altium Enterprise Server (prior to 8.1.1) and Altium 365 allows authenticated users to coerce the server into issuing arbitrary outbound HTTP GET requests and receiving the response body. The flaw enables reconnaissance of internal services and cloud metadata endpoints not reachable from the public network. No public exploit identified at time of analysis, and the issue is not listed in CISA KEV.
Technical ContextAI
The vulnerability resides in a GraphQL service component shared between the on-premise Altium Enterprise Server (cpe:2.3:a:altium:altium_enterprise_server) and the Altium 365 cloud platform (cpe:2.3:a:altium:altium_365). It is classified as CWE-918 (SSRF): a user-supplied input that should be a constrained identifier is instead trusted as a URL and passed to the server's HTTP client without scheme, host, or destination allowlisting. Because the response body is reflected back to the requester, the GraphQL endpoint becomes a generic outbound HTTP GET proxy, which on a cloud-hosted deployment such as Altium 365 typically exposes IMDS-style metadata services (e.g., 169.254.169.254) as well as internal microservices bound to private RFC1918 ranges.
RemediationAI
Vendor-released patch: upgrade Altium Enterprise Server to version 8.1.1 or later, per the Altium security advisory at https://www.altium.com/platform/security-compliance/security-advisories. Altium 365 customers do not need to take action - the vendor has already remediated the issue at the service level. If immediate patching of an on-premise Enterprise Server is not possible, compensating controls include placing the server behind an egress firewall that denies outbound HTTP to RFC1918 ranges and cloud metadata IPs (notably 169.254.169.254 and fd00:ec2::254), enforcing IMDSv2 with hop-limit 1 on AWS hosts so the GET-only primitive cannot retrieve a session token, and restricting which authenticated principals can call the affected GraphQL operations via reverse-proxy ACLs. The egress filter has the side effect of breaking any legitimate server-initiated HTTP calls to internal systems, which should be inventoried before enforcement.
More in Altium Enterprise Server
View allRemote code execution in Altium Enterprise Server (versions prior to 8.1.1) and Altium 365 arises from a path traversal
Unauthenticated file disclosure and arbitrary file read in Altium Enterprise Server prior to 8.1.1 allows any network-re
Arbitrary file write in Altium Enterprise Server ComparisonService allows authenticated workspace users to escape the te
Arbitrary file read in Altium Enterprise Server Collaboration Service (versions prior to 8.1.1) allows an authenticated
Arbitrary file read in Altium Enterprise Server on-premise deployments allows any authenticated low-privilege user to es
Authenticated path traversal in Altium Enterprise Server (before 8.1.1) and Altium 365 lets a low-privileged user read a
Same weakness CWE-918 – Server-Side Request Forgery (SSRF)
View allSame technique Information Disclosure
View allShare
External POC / Exploit Code
Leaving vuln.today
EUVD-2026-34917
GHSA-v97p-56pc-586g