Server-Side Request Forgery

⚔️ Attack Types Related 17
slug: ssrf

Explanation

SSRFは「外部からのリクエストを、サーバーが内部ネットワークに転送してしまう」脆弱性です。 たとえば「画像URLを貼って」と言われてWebサービスがそのURLを取りに行く機能で、攻撃者が `http://169.254.169.254/` (AWSの内部メタデータURL) を入れると、AWSの認証情報が漏洩する、というのが典型例。 クラウド時代に特に危険視されている脆弱性です。
📌 Example
Capital One事件 (2019, 1億人の個人情報流出): WAFのSSRF脆弱性経由でAWS認証情報が窃取され、S3バケットから個人情報を全件取られた。

🔖 Related tags

🛡 Vulnerabilities tagged with this 294

ID Title
CVE-2017-9413 Multiple cross-site request forgery (CSRF) vulnerabilities in the Podcast feature in Subsonic 6.1.1 allow remote attackers to hijack the authentication of users for requests that (1) subscribe to a po...
CVE-2016-6798 XXE (XML External Entity) in apache (CVE-2016-6798)
CVE-2017-10973 SSRF (Server-Side Request Forgery) in ssrf (CVE-2017-10973)
CVE-2017-9355 SSRF (Server-Side Request Forgery) in ssrf (CVE-2017-9355)
CVE-2017-9307 SSRF (Server-Side Request Forgery) in ssrf (CVE-2017-9307)
CVE-2017-7503 XXE (XML External Entity) in ssrf (CVE-2017-7503)
CVE-2017-9066 SSRF (Server-Side Request Forgery) in wordpress (CVE-2017-9066)
CVE-2017-8794 SSRF (Server-Side Request Forgery) in ssrf (CVE-2017-8794)
CVE-2015-7570 SSRF (Server-Side Request Forgery) in ssrf (CVE-2015-7570)
CVE-2016-7051 XXE (XML External Entity) in ssrf (CVE-2016-7051)
CVE-2017-7569 SSRF (Server-Side Request Forgery) in ssrf (CVE-2017-7569)
CVE-2017-7566 MyBB before 1.8.11 allows remote attackers to bypass an SSRF protection mechanism.
CVE-2017-6130 SSRF (Server-Side Request Forgery) in ssrf (CVE-2017-6130)
CVE-2017-7272 SSRF (Server-Side Request Forgery) in ssrf (CVE-2017-7272)
CVE-2017-7200 SSRF (Server-Side Request Forgery) in ssrf (CVE-2017-7200)
CVE-2017-5617 SSRF (Server-Side Request Forgery) in ssrf (CVE-2017-5617)
CVE-2017-5643 Apache Camel's Validation Component is vulnerable against SSRF via remote DTDs and XXE.
CVE-2015-8813 SSRF (Server-Side Request Forgery) in ssrf (CVE-2015-8813)
CVE-2016-4312 XXE (XML External Entity) in ssrf (CVE-2016-4312)
CVE-2016-6001 SSRF (Server-Side Request Forgery) in ssrf (CVE-2016-6001)
CVE-2016-9417 SSRF (Server-Side Request Forgery) in ssrf (CVE-2016-9417)
CVE-2016-6621 SSRF (Server-Side Request Forgery) in ssrf (CVE-2016-6621)
CVE-2016-7999 SSRF (Server-Side Request Forgery) in ssrf (CVE-2016-7999)
CVE-2017-5518 SSRF (Server-Side Request Forgery) in ssrf (CVE-2017-5518)

🍪 About cookies

We use cookies to keep you logged in, remember your language, and improve the service.

Details →