Lucene search

K
veracodeVeracode Vulnerability DatabaseVERACODE:44129
HistoryNov 03, 2023 - 5:24 a.m.

Server-Side Request Forgery (SSRF)

2023-11-0305:24:15
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
2
foodcoopshop
vulnerability
server-side request forgery
improper image validation
unauthorized access
file copying
api endpoint

CVSS3

8.1

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N

AI Score

7.1

Confidence

High

EPSS

0.001

Percentile

29.5%

foodcoopshop/foodcoopshop is vulnerable to Server-Side Request Forgery (SSRF). The vulnerability is due to the lack of proper image validation. This flaw permits an attacker to send a request to any host on the local network, which then responds with a 200 status code for a HEAD requests serving a valid image for the first GET request, and issues a 302 redirect to a final target on the second GET request. As a result, the server inadvertently copies whatever file is present at the redirect destination through the /api/updateProducts.json endpoint.

CVSS3

8.1

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N

AI Score

7.1

Confidence

High

EPSS

0.001

Percentile

29.5%

Related for VERACODE:44129