Server side request forgery (ssrf)

2022-02-0913:15:00

PRIOn knowledge base

www.prio-n.com

3.8 Low

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

34.6%

JSON

In ArangoDB, versions v3.7.0 through v3.9.0-alpha.1 have a feature which allows downloading a Foxx service from a publicly available URL. This feature does not enforce proper filtering of requests performed internally, which can be abused by a highly-privileged attacker to perform blind SSRF and send internal requests to localhost.

CPENameOperatorVersion
arangodbge3.7.0
arangodble3.8.5.1
arangodbeq3.9.0 alpha1

Name	Operator	Version
arangodb	ge	3.7.0
arangodb	le	3.8.5.1
arangodb	eq	3.9.0 alpha1

References

github.com/arangodb/arangodb/commit/d7b35a6884c6b2802d34d79fb2a79fb2c9ec2175

github.com/arangodb/arangodb/commit/d9b7f019d2435f107b19a59190bf9cc27d5f34dd

www.whitesourcesoftware.com/vulnerability-database/CVE-2021-25939