Microcks
Microcks SSRF Vulnerability #892
Replies: 1 comment 1 reply
-
|
Hello, Thanks for raising this discussion. I have to admit I'm lacking a bit of context on this topic as I don't know how to evaluate the risks and the impact of such a vulnerability. What can typically do an attacker that would exploit it? I mean I have basic knowledge of SSRF but in this particular use case how could we avoid connecting to an external URL? And is there some risk as we're expecting a well-formed artifact and not running arbitrary code that may be provided by this external URL? Thanks for your explanation. |
Beta Was this translation helpful? Give feedback.
-
|
I apologize for the late response. This SSRF could pose a threat to the internal network resources where Microcks is located. For example, if there is a vulnerable web service within the internal network where Microcks resides, an attacker could exploit this SSRF vulnerability to send HTTP requests and carry out an attack, thereby compromising the overall security of the internal network. The recommended fix provided here is to filter internal network IP ranges, such as 127.0.0.1, 192.168.0.1/24, 172.16.0.1/24, etc., in order to protect the security of the internal network resources. |
Beta Was this translation helpful? Give feedback.
-
Microcks up to 1.17.1 was discovered to contain a Server-Side Request Forgery (SSRF) via the component /jobs and /artifact/download. This vulnerability allows attackers to access network resources and sensitive information via a crafted GET request.
Beta Was this translation helpful? Give feedback.
All reactions