Cyber Posture

CVE-2024-48590

Critical

Published: 20 March 2025

Published
20 March 2025
Modified
01 April 2025
KEV Added
Patch
CVSS Score 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS Score 0.0215 84.4th percentile
Risk Priority 21 60% EPSS · 20% KEV · 20% CVSS

Summary

CVE-2024-48590 is a critical-severity SSRF (CWE-918) vulnerability in Inflectra Spirateam. Its CVSS base score is 9.8 (Critical).

Operationally, exploitation aligns with the MITRE ATT&CK technique Exploitation for Privilege Escalation (T1068); ranked in the top 15.6% of CVEs by exploit likelihood; it is not currently listed in the CISA KEV catalog.

The strongest mitigations our analysis identified are NIST 800-53 SI-10 (Information Input Validation) and SI-2 (Flaw Remediation).

Threat & Defense at a Glance

What attackers do: exploitation maps to Exploitation for Privilege Escalation (T1068) and 1 other technique. What defenders deploy: see the NIST 800-53 controls recommended below.
Threat & Defense Details

Mitigating Controls (NIST 800-53 r5)AI

SI-2 Flaw Remediation good match
prevent

Directly remediates the SSRF flaw in Inflectra SpiraTeam's NewsReaderService through timely patching, preventing unauthenticated exploitation, privilege escalation, and sensitive information disclosure.

SI-10 Information Input Validation good match
prevent

Enforces validation of inputs to the NewsReaderService, blocking malicious URLs that enable SSRF attacks.

SC-7 Boundary Protection partial match
preventdetect

Implements boundary protections to monitor and restrict unauthorized network requests from the vulnerable NewsReaderService to internal resources.

MITRE ATT&CK Enterprise TechniquesAI

T1068 Exploitation for Privilege Escalation Privilege Escalation
Adversaries may exploit software vulnerabilities in an attempt to elevate privileges.
attack.mitre.org →
T1190 Exploit Public-Facing Application Initial Access
Adversaries may attempt to exploit a weakness in an Internet-facing host or system to initially access a network.
attack.mitre.org →
Why these techniques?

SSRF vulnerability (CVE-2024-48590) in public-facing SpiraTeam application enables exploitation of public-facing application (T1190) for privilege escalation (T1068) and obtaining sensitive information.

NVD Description

Inflectra SpiraTeam 7.2.00 is vulnerable to Server-Side Request Forgery (SSRF) via the NewsReaderService. This allows an attacker to escalate privileges and obtain sensitive information.

Deeper analysisAI

Inflectra SpiraTeam 7.2.00 is vulnerable to a Server-Side Request Forgery (SSRF) issue, tracked as CVE-2024-48590 and published on 2025-03-20, through its NewsReaderService component. This vulnerability, mapped to CWE-918, carries a CVSS v3.1 base score of 9.8 (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H), marking it as critical due to its high impacts on confidentiality, integrity, and availability.

The vulnerability can be exploited by an unauthenticated attacker over the network with low attack complexity and no user interaction required. Exploitation enables privilege escalation and access to sensitive information, allowing the attacker to compromise the targeted SpiraTeam instance.

Further details, including potential mitigation guidance or patches, are available in the advisory at https://github.com/GCatt-AS/CVE-2024-48590/blob/main/README.md.

Details

CWE(s)
CWE-918

Affected Products

inflectra
spirateam
7.2.00

CVEs Like This One

CVE-2026-32169Shared CWE-918
CVE-2026-26137Shared CWE-918
CVE-2025-59503Shared CWE-918
CVE-2025-62207Shared CWE-918
CVE-2026-32186Shared CWE-918
CVE-2026-33107Shared CWE-918
CVE-2026-26150Shared CWE-918
CVE-2026-26138Shared CWE-918
CVE-2025-21177Shared CWE-918
CVE-2026-7025Shared CWE-918

References