Server-Side Request Forgery (SSRF)

The web server receives a URL or similar request from an upstream component and retrieves the contents of this URL, but it does not sufficiently ensure that the request is being sent to the expected destination.

CVEs (2,643)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2020-16248 1Prometheus 1Blackbox Exporter Nov 21, 2024 Aug 9, 2020 N/A· v4 5.8 MEDIUM· v3 5.0 MEDIUM· v2 Prometheus Blackbox Exporter through 0.17.0 allows /probe?target= SSRF. NOTE: follow-on discussion suggests that this might plausibly be interpreted as both intended functionality and also a vulnerability
CVE-2020-15823 1Jetbrains 1Youtrack Nov 21, 2024 Aug 8, 2020 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 JetBrains YouTrack before 2020.2.8873 is vulnerable to SSRF in the Workflow component.
CVE-2020-15819 1Jetbrains 1Youtrack Nov 21, 2024 Aug 8, 2020 N/A· v4 5.3 MEDIUM· v3 5.0 MEDIUM· v2 JetBrains YouTrack before 2020.2.10643 was vulnerable to SSRF that allowed scanning internal ports.
CVE-2020-13970 1Shopware 1Shopware Nov 21, 2024 Jul 28, 2020 N/A· v4 8.8 HIGH· v3 6.5 MEDIUM· v2 Shopware before 6.2.3 is vulnerable to a Server-Side Request Forgery (SSRF) in its "Mediabrowser upload by URL" feature. This allows an authenticated user to send HTTP, HTTPS, FTP, and SFTP requests on behalf of the Shop...Show more Shopware before 6.2.3 is vulnerable to a Server-Side Request Forgery (SSRF) in its "Mediabrowser upload by URL" feature. This allows an authenticated user to send HTTP, HTTPS, FTP, and SFTP requests on behalf of the Shopware platform server.Show less
CVE-2020-15879 1Bitwarden 1Server Nov 21, 2024 Jul 21, 2020 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 Bitwarden Server 1.35.1 allows SSRF because it does not consider certain IPv6 addresses (ones beginning with fc, fd, fe, or ff, and the :: address) and certain IPv4 addresses (0.0.0.0/8, 127.0.0.0/8, and 169.254.0.0/16).
CVE-2020-8205 1Transloadit 1Uppy Nov 21, 2024 Jul 20, 2020 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 The uppy npm package < 1.13.2 and < 2.0.0-alpha.5 is vulnerable to a Server-Side Request Forgery (SSRF) vulnerability, which allows an attacker to scan local or external networks or otherwise interact with internal syste...Show more The uppy npm package < 1.13.2 and < 2.0.0-alpha.5 is vulnerable to a Server-Side Request Forgery (SSRF) vulnerability, which allows an attacker to scan local or external networks or otherwise interact with internal systems.Show less
CVE-2020-13788 1Linuxfoundation 1Harbor Nov 21, 2024 Jul 15, 2020 N/A· v4 4.3 MEDIUM· v3 4.0 MEDIUM· v2 Harbor prior to 2.0.1 allows SSRF with this limitation: an attacker with the ability to edit projects can scan ports of hosts accessible on the Harbor server's intranet.
CVE-2020-6282 1Sap 1Netweaver Application Server Java Nov 21, 2024 Jul 14, 2020 N/A· v4 5.8 MEDIUM· v3 5.0 MEDIUM· v2 SAP NetWeaver AS JAVA (IIOP service) (SERVERCORE), versions 7.10, 7.11, 7.20, 7.30, 7.31, 7.40, 7.50, and SAP NetWeaver AS JAVA (IIOP service) (CORE-TOOLS), versions 7.10, 7.11, 7.20, 7.30, 7.31, 7.40, 7.50, allows an at...Show more SAP NetWeaver AS JAVA (IIOP service) (SERVERCORE), versions 7.10, 7.11, 7.20, 7.30, 7.31, 7.40, 7.50, and SAP NetWeaver AS JAVA (IIOP service) (CORE-TOOLS), versions 7.10, 7.11, 7.20, 7.30, 7.31, 7.40, 7.50, allows an attacker to send a crafted request from a vulnerable web application. It is usually used to target internal systems behind firewalls that are normally inaccessible to an attacker from the external network, resulting in a Server-Side Request Forgery vulnerability.Show less
CVE-2020-14170 1Atlassian 1Bitbucket Nov 21, 2024 Jul 9, 2020 N/A· v4 4.3 MEDIUM· v3 4.0 MEDIUM· v2 Webhooks in Atlassian Bitbucket Server from version 5.4.0 before version 7.3.1 allow remote attackers to access the content of internal network resources via a Server-Side Request Forgery (SSRF) vulnerability.
CVE-2020-14056 1Monstaftp 1Monsta Ftp Nov 21, 2024 Jul 1, 2020 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 Monsta FTP 2.10.1 or below is prone to a server-side request forgery vulnerability due to insufficient restriction of the web fetch functionality. This allows attackers to read arbitrary local files and interact with arb...Show more Monsta FTP 2.10.1 or below is prone to a server-side request forgery vulnerability due to insufficient restriction of the web fetch functionality. This allows attackers to read arbitrary local files and interact with arbitrary third-party services.Show less
CVE-2019-20408 1Atlassian 1Jira Nov 21, 2024 Jul 1, 2020 N/A· v4 5.3 MEDIUM· v3 5.0 MEDIUM· v2 The /plugins/servlet/gadgets/makeRequest resource in Jira before version 8.7.0 allows remote attackers to access the content of internal network resources via a Server Side Request Forgery (SSRF) vulnerability due to a l...Show more The /plugins/servlet/gadgets/makeRequest resource in Jira before version 8.7.0 allows remote attackers to access the content of internal network resources via a Server Side Request Forgery (SSRF) vulnerability due to a logic bug in the JiraWhitelist class.Show less
CVE-2020-13484 1Bitrix24 1Bitrix24 Nov 21, 2024 Jun 24, 2020 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 Bitrix24 through 20.0.975 allows SSRF via an intranet IP address in the services/main/ajax.php?action=attachUrlPreview url parameter, if the destination URL hosts an HTML document containing '<meta name="og:image" conten...Show more Bitrix24 through 20.0.975 allows SSRF via an intranet IP address in the services/main/ajax.php?action=attachUrlPreview url parameter, if the destination URL hosts an HTML document containing '<meta name="og:image" content="' followed by an intranet URL.Show less
CVE-2019-20872 1Mattermost 1Mattermost Server Nov 21, 2024 Jun 19, 2020 N/A· v4 5.5 MEDIUM· v3 2.1 LOW· v2 An issue was discovered in Mattermost Server before 5.9.0, 5.8.1, 5.7.3, and 4.10.8. SSRF can attack local services.
CVE-2020-8544 1Open Xchange 1Open Xchange Appsuite Nov 21, 2024 Jun 16, 2020 N/A· v4 6.5 MEDIUM· v3 4.0 MEDIUM· v2 OX App Suite through 7.10.3 allows SSRF.
CVE-2020-13650 1Digdash 1Digdash Nov 21, 2024 Jun 15, 2020 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 An issue was discovered in DigDash 2018R2 before p20200210 and 2019R1 before p20200210. The login page is vulnerable to Server-Side Request Forgery (SSRF) that allows use of the application as a proxy. Sent to an externa...Show more An issue was discovered in DigDash 2018R2 before p20200210 and 2019R1 before p20200210. The login page is vulnerable to Server-Side Request Forgery (SSRF) that allows use of the application as a proxy. Sent to an external server, a forged request discloses application credentials. For a request to an internal component, the request is blind, but through the error message it's possible to determine whether the request targeted a open service.Show less
CVE-2020-9427 1Open Xchange 1Ox Guard Nov 21, 2024 Jun 15, 2020 N/A· v4 5.0 MEDIUM· v3 4.0 MEDIUM· v2 OX Guard 2.10.3 and earlier allows SSRF.
CVE-2020-11980 1Apache 1Karaf Nov 21, 2024 Jun 12, 2020 N/A· v4 6.3 MEDIUM· v3 6.5 MEDIUM· v2 In Karaf, JMX authentication takes place using JAAS and authorization takes place using ACL files. By default, only an "admin" can actually invoke on an MBean. However there is a vulnerability there for someone who is no...Show more In Karaf, JMX authentication takes place using JAAS and authorization takes place using ACL files. By default, only an "admin" can actually invoke on an MBean. However there is a vulnerability there for someone who is not an admin, but has a "viewer" role. In the 'etc/jmx.acl.cfg', such as role can call get*. It's possible to authenticate as a viewer role + invokes on the MLet getMBeansFromURL method, which goes off to a remote server to fetch the desired MBean, which is then registered in Karaf. At this point the attack fails as "viewer" doesn't have the permission to invoke on the MBean. Still, it could act as a SSRF style attack and also it essentially allows a "viewer" role to pollute the MBean registry, which is a kind of privilege escalation. The vulnerability is low as it's possible to add a ACL to limit access. Users should update to Apache Karaf 4.2.9 or newer.Show less
CVE-2020-9645 1Adobe 1Experience Manager Nov 21, 2024 Jun 12, 2020 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 Adobe Experience Manager versions 6.5 and earlier have a blind server-side request forgery (ssrf) vulnerability. Successful exploitation could lead to sensitive information disclosure.
CVE-2020-9643 1Adobe 1Experience Manager Nov 21, 2024 Jun 12, 2020 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 Adobe Experience Manager versions 6.5 and earlier have a server-side request forgery (ssrf) vulnerability. Successful exploitation could lead to sensitive information disclosure.
CVE-2020-12725 1Redash 1Redash Nov 21, 2024 Jun 11, 2020 N/A· v4 7.2 HIGH· v3 6.5 MEDIUM· v2 Havoc Research discovered an authenticated Server-Side Request Forgery (SSRF) via the "JSON" data source of Redash open-source 8.0.0 and prior. Possibly, other connectors are affected. The SSRF is potent and provides a l...Show more Havoc Research discovered an authenticated Server-Side Request Forgery (SSRF) via the "JSON" data source of Redash open-source 8.0.0 and prior. Possibly, other connectors are affected. The SSRF is potent and provides a lot of flexibility in terms of being able to craft HTTP requests e.g., by adding headers, selecting any HTTP verb, etc.Show less

Previous 1...118119120...133 Next