CWE-918

2,678 CVEs • Abstraction: Base

Server-Side Request Forgery (SSRF)

The web server receives a URL or similar request from an upstream component and retrieves the contents of this URL, but it does not sufficiently ensure that the request is being sent to the expected destination.


CVEs (2,678)

Columns: CVE · Vendors · Products · Updated · Published · CVSS (v4 / v3 / v2) · Description
Vendor: Zammad · Product: Zammad
Updated: Nov 21, 2024 · Published: Oct 7, 2021
CVSS: v4 N/A · v3 9.1 CRITICAL · v2 6.4 MEDIUM
An issue was discovered in Zammad before 4.1.1. SSRF can occur via GitHub or GitLab integration.

Vendor: Concretecms · Product: Concrete Cms
Updated: Nov 21, 2024 · Published: Oct 7, 2021
CVSS: v4 N/A · v3 9.8 CRITICAL · v2 7.5 HIGH
A Server-Side Request Forgery vulnerability was found in concrete5 < 8.5.5 that allowed a decimal notation encoded IP address to bypass the limitations in place for localhost allowing interaction with local services. Impact can vary depending on services exposed. CVSSv2.0 AV:A/AC:H/PR:H/UI:N/S:U/C:L/I:N/A:N

Vendor: Myucms Project · Product: Myucms
Updated: Nov 21, 2024 · Published: Oct 6, 2021
CVSS: v4 N/A · v3 9.1 CRITICAL · v2 6.4 MEDIUM
Myucms v2.2.1 contains a server-side request forgery (SSRF) in the component \controller\index.php, which can be exploited via the sj() method.

Vendor: Myucms Project · Product: Myucms
Updated: Nov 21, 2024 · Published: Oct 6, 2021
CVSS: v4 N/A · v3 8.1 HIGH · v2 5.5 MEDIUM
Myucms v2.2.1 contains a server-side request forgery (SSRF) in the component \controller\index.php, which can be exploited via the sql() method.

Vendor: Gitlab · Product: Gitlab
Updated: Nov 21, 2024 · Published: Oct 5, 2021
CVSS: v4 N/A · v3 5.4 MEDIUM · v2 5.5 MEDIUM
In all versions of GitLab CE/EE since version 8.0, a DNS rebinding vulnerability exists in the Fogbugz importer which may be used by attackers to carry out Server Side Request Forgery (SSRF) attacks.

Vendor: Gitlab · Product: Gitlab
Updated: Nov 21, 2024 · Published: Oct 5, 2021
CVSS: v4 N/A · v3 8.1 HIGH · v2 5.5 MEDIUM
In all versions of GitLab CE/EE since version 8.15, a DNS rebinding vulnerability in the Gitea Importer may be exploited by an attacker to trigger Server Side Request Forgery (SSRF) attacks.

Vendor: Nagios · Product: Nagios Xi
Updated: Nov 21, 2024 · Published: Oct 5, 2021
CVSS: v4 N/A · v3 6.5 MEDIUM · v2 4.0 MEDIUM
Nagios Enterprises NagiosXI <= 5.8.4 contains a Server-Side Request Forgery (SSRF) vulnerability in schedulereport.php. Any authenticated user can create scheduled reports containing PDF screenshots of any view in the NagiosXI application. Due to lack of input sanitisation, the target page can be replaced with an SSRF payload to access internal resources or disclose local system files.

Vendor: Huawei · Product: P40 Firmware
Updated: Nov 21, 2024 · Published: Sep 28, 2021
CVSS: v4 N/A · v3 7.5 HIGH · v2 5.0 MEDIUM
There is a server-side request forgery vulnerability in HUAWEI P40 versions 10.1.0.118(C00E116R3P3). This vulnerability is due to insufficient validation of parameters while dealing with some messages. A successful exploit could allow the attacker to gain access to certain resources that the attacker is not supposed to reach.

Vendor: Concretecms · Product: Concrete Cms
Updated: Nov 21, 2024 · Published: Sep 27, 2021
CVSS: v4 N/A · v3 6.4 MEDIUM · v2 5.5 MEDIUM
A SSRF issue was discovered in Concrete CMS through 8.5.5. Users can access forbidden files on their local network. A user with permissions to upload files from external sites can upload a URL that redirects to an internal resource of any file type. The redirect is followed and loads the contents of the file from the redirected-to server. Files of disallowed types can be uploaded.

Vendor: Securonix · Product: Snypr
Updated: Nov 21, 2024 · Published: Sep 27, 2021
CVSS: v4 N/A · v3 6.5 MEDIUM · v2 4.0 MEDIUM
The third party intelligence connector in Securonix SNYPR 6.3.1 Build 184295_0302 allows an authenticated user to obtain access to server configuration details via SSRF.

Vendor: Gradle · Product: Gradle
Updated: Nov 21, 2024 · Published: Sep 24, 2021
CVSS: v4 N/A · v3 7.5 HIGH · v2 5.0 MEDIUM
In Gradle Enterprise before 2021.1.3, an attacker with the ability to perform SSRF attacks can potentially discover credentials for other resources.

Vendor: Gradle · Product: Gradle
Updated: Nov 21, 2024 · Published: Sep 24, 2021
CVSS: v4 N/A · v3 7.5 HIGH · v2 5.0 MEDIUM
In Gradle Enterprise before 2021.1.3, an attacker with the ability to perform SSRF attacks can potentially reset the system user password.

Vendor: Discourse · Product: Discourse
Updated: Nov 21, 2024 · Published: Sep 23, 2021
CVSS: v4 N/A · v3 5.3 MEDIUM · v2 5.0 MEDIUM
A Server Side Request Forgery (SSRF) vulnerability exists in Discourse 2.3.2 and 2.6 via the email function: when writing an email in the editor, a user can upload pictures from remote websites.

Vendor: Vmware · Products (2): Cloud Foundation, Vcenter Server
Updated: Nov 21, 2024 · Published: Sep 23, 2021
CVSS: v4 N/A · v3 6.5 MEDIUM · v2 4.0 MEDIUM
The vCenter Server contains an SSRF (Server Side Request Forgery) vulnerability due to improper validation of URLs in vCenter Server Content Library. An authorised user with access to content library may exploit this issue by sending a POST request to vCenter Server leading to information disclosure.

Vendor: Telefication · Product: Telefication
Updated: Nov 21, 2024 · Published: Sep 22, 2021
CVSS: v4 N/A · v3 5.3 MEDIUM · v2 5.0 MEDIUM
The Telefication WordPress plugin is vulnerable to Open Proxy and Server-Side Request Forgery via the ~/bypass.php file due to a user-supplied URL request value that is passed to a curl request. This affects versions up to, and including, 1.8.0.

Vendor: Typelevel · Product: Http4s
Updated: Nov 21, 2024 · Published: Sep 21, 2021
CVSS: v4 N/A · v3 4.7 MEDIUM · v2 4.3 MEDIUM
http4s is an open source scala interface for HTTP. In affected versions http4s is vulnerable to response-splitting or request-splitting attacks when untrusted user input is used to create any of the following fields: Header names (`Header.name`), Header values (`Header.value`), Status reason phrases (`Status.reason`), URI paths (`Uri.Path`), URI authority registered names (`URI.RegName`) (through 0.21). This issue has been resolved in versions 0.21.30, 0.22.5, 0.23.4, and 1.0.0-M27. As a matter of practice, http4s services and client applications should sanitize any user input in the aforementioned fields before returning a request or response to the backend. The carriage return, newline, and null characters are the most threatening.

Vendor: Zohocorp · Product: Manageengine Admanager Plus
Updated: Nov 21, 2024 · Published: Sep 21, 2021
CVSS: v4 N/A · v3 7.5 HIGH · v2 5.0 MEDIUM
Zoho ManageEngine ADSelfService Plus before 6112 is vulnerable to SSRF.

Vendors (11): Apache, Broadcom, Debian, +8 more · Products (39): Brocade Fabric Operating System Firmware, Cloud Backup, Clustered Data Ontap, +36 more
Updated: Oct 27, 2025 · Published: Sep 16, 2021
CVSS: v4 N/A · v3 9.0 CRITICAL · v2 6.8 MEDIUM
A crafted request URI path can cause mod_proxy to forward the request to an origin server chosen by the remote user. This issue affects Apache HTTP Server 2.4.48 and earlier.

Vendor: Sap · Product: Netweaver Portal
Updated: Nov 21, 2024 · Published: Sep 15, 2021
CVSS: v4 N/A · v3 8.1 HIGH · v2 5.8 MEDIUM
The SAP NetWeaver Portal, versions 7.10, 7.11, 7.20, 7.30, 7.31, 7.40, 7.50, component Iviews Editor, contains a Server-Side Request Forgery (SSRF) vulnerability which allows an unauthenticated attacker to craft a malicious URL which, when clicked by a user, can make any type of request (e.g. POST, GET) to any internal or external server. This can result in the accessing or modification of data accessible from the Portal but will not affect its availability.

Vendor: Sap · Product: Netweaver Development Infrastructure
Updated: Nov 21, 2024 · Published: Sep 15, 2021
CVSS: v4 N/A · v3 9.9 CRITICAL · v2 6.5 MEDIUM
Server-Side Request Forgery (SSRF) vulnerability has been detected in the SAP NetWeaver Development Infrastructure Component Build Service versions 7.11, 7.20, 7.30, 7.31, 7.40, 7.50. The SAP NetWeaver Development Infrastructure Component Build Service allows a threat actor who has access to the server to perform proxy attacks on the server by sending crafted queries. Due to this, the threat actor could completely compromise sensitive data residing on the Server and impact its availability. Note: The impact of this vulnerability depends on whether SAP NetWeaver Development Infrastructure (NWDI) runs on the intranet or internet. The CVSS score reflects the impact considering the worst-case scenario that it runs on the internet.
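
Three bypass classes recur in the entries above: a non-canonical IPv4 literal that slips past a string match on "127.0.0.1" (the concrete5 decimal-notation entry), DNS rebinding between the validation step and the connection (the two GitLab importer entries), and a redirect from an allowed host to an internal one (the Concrete CMS upload entry). The following Python is an added example for this page, not code from any product listed here. It vets a user-supplied URL by parsing IPv4 literals the way inet_aton() does, resolving the name exactly once and requiring every answer to be public, and then fetches over a socket opened to the vetted address, with the TLS certificate still checked against the hostname and every redirect target re-vetted. `parse_ipv4_literal`, `vet_target`, `is_allowed` and `fetch_pinned` are names chosen here; `FAKE_DNS`/`fake_resolve` and all hostnames and addresses in them are constructed so the checks run offline.

```python
import http.client
import ipaddress
import re
import socket
import ssl
from urllib.parse import urljoin, urlsplit

# One inet_aton()-style address component: hex (0x7f), octal (0177) or decimal (127).
_PART = re.compile(r"0x(?P<hex>[0-9a-f]+)|(?P<oct>0[0-7]*)|(?P<dec>[1-9][0-9]*)", re.I)

class SSRFError(ValueError):
    """The URL points somewhere the server must not fetch on a user's behalf."""

def parse_ipv4_literal(host):
    """inet_aton()/getaddrinfo() rules: 1-4 dot-separated hex/octal/decimal parts, the last
    filling the remaining bytes, so "2130706433", "0177.0.0.1", "0x7f.1" and "127.1" are
    all 127.0.0.1. Returns an IPv4Address, or None when host is not such a literal."""
    parts = host.split(".")
    if not 1 <= len(parts) <= 4:
        return None
    values = []
    for part in parts:
        m = _PART.fullmatch(part)
        if m is None:
            return None
        values.append(int(m.group(m.lastgroup), {"hex": 16, "oct": 8, "dec": 10}[m.lastgroup]))
    tail = 5 - len(values)                            # bytes covered by the last part
    if any(v > 255 for v in values[:-1]) or values[-1] >= 256 ** tail:
        return None
    acc = 0
    for v in values[:-1]:
        acc = (acc << 8) | v
    return ipaddress.IPv4Address((acc << (8 * tail)) | values[-1])

def is_public_address(ip):
    if ip.version == 6 and ip.ipv4_mapped is not None:
        ip = ip.ipv4_mapped                           # ::ffff:127.0.0.1 is still loopback
    return not (ip.is_private or ip.is_loopback or ip.is_link_local
                or ip.is_multicast or ip.is_reserved or ip.is_unspecified)

def resolve_host(host):                               # system resolver: all current answers
    infos = socket.getaddrinfo(host, None, proto=socket.IPPROTO_TCP)
    return [ipaddress.ip_address(info[4][0]) for info in infos]

# Constructed DNS answers so the checks run offline; these mappings are made up.
FAKE_DNS = {"example.com": ["93.184.216.34"], "localhost": ["127.0.0.1"],
            "rebind.example": ["93.184.216.34", "10.0.0.5"]}   # one public, one private answer

def fake_resolve(host):
    return [ipaddress.ip_address(a) for a in FAKE_DNS.get(host, [])]

def vet_target(url, resolve=resolve_host):
    """Validate url and return (ip, host, port), or raise SSRFError. The name is resolved
    once, here; connect to that ip and never re-resolve, or DNS rebinding defeats the check."""
    parts = urlsplit(url)
    scheme = parts.scheme.lower()
    if scheme not in ("http", "https"):
        raise SSRFError("scheme not allowed: %r" % parts.scheme)
    if parts.username is not None or parts.password is not None:
        raise SSRFError("userinfo in URL")
    host = parts.hostname
    if not host:
        raise SSRFError("missing host")
    port = parts.port or (443 if scheme == "https" else 80)   # .port raises ValueError if malformed
    ip = parse_ipv4_literal(host)
    try:
        addrs = [ip if ip is not None else ipaddress.ip_address(host)]   # IPv6 literal; urlsplit strips []
    except ValueError:                                # a name: resolve it exactly once
        addrs = resolve(host)
    if not addrs:
        raise SSRFError("unresolvable host: %r" % host)
    for addr in addrs:                                # every answer must be public
        if not is_public_address(addr):
            raise SSRFError("%s resolves to non-public %s" % (host, addr))
    return addrs[0], host, port

def is_allowed(url, resolve=resolve_host):
    try:
        return vet_target(url, resolve) is not None
    except (ValueError, OSError):                     # SSRFError, malformed port, resolver failure
        return False

def fetch_pinned(url, max_redirects=3, max_bytes=1 << 20):
    """GET url over the vetted ip; each redirect target is re-vetted instead of followed blindly."""
    for _ in range(max_redirects + 1):
        ip, host, port = vet_target(url)
        parts = urlsplit(url)
        https = parts.scheme.lower() == "https"
        sock = socket.create_connection((str(ip), port), timeout=5)       # the vetted ip, not the name
        if https:                                                         # certificate still checked against host
            sock = ssl.create_default_context().wrap_socket(sock, server_hostname=host)
        conn = (http.client.HTTPSConnection if https else http.client.HTTPConnection)(host, port)
        conn.sock = sock                                                  # preset socket: connect() is skipped
        conn.request("GET", (parts.path or "/") + ("?" + parts.query if parts.query else ""))
        resp = conn.getresponse()
        if resp.status in (301, 302, 303, 307, 308) and resp.getheader("Location"):
            url = urljoin(url, resp.getheader("Location"))               # re-vetted on the next pass
            continue
        return resp.status, resp.read(max_bytes)
    raise SSRFError("too many redirects")
```

Two design points worth keeping in mind. A resolve-then-check is only as good as the pinning that follows it: if the HTTP client is handed the hostname and resolves it again, a DNS server with a short TTL can answer with a public address for the check and a private one for the connect, which is exactly the rebinding the GitLab entries describe; the block avoids that by opening the socket to the vetted address itself and only using the name for the Host header and certificate validation. The literal parser mirrors inet_aton() on purpose: glibc's getaddrinfo() accepts the same decimal, octal, hex and short forms, so the validator must reject at least everything the fetcher would accept, and a plain "127.0.0.1" string comparison does not.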