Server-Side Request Forgery (SSRF)
ID: scala.ssrf.scala_ssrf_rule_ssrf
Severity: high
Resource: Ssrf
Language: Scala
Description
Server-Side Request Forgery occurs when a web server executes a request to a user-supplied destination parameter that is not validated. Such vulnerabilities could allow an attacker to access internal services or to launch attacks from your web server.
Rationale
Server-Side Request Forgery occurs when a web server executes a request to a user-supplied destination parameter that is not validated. Such vulnerabilities could allow an attacker to access internal services or to launch attacks from your web server.
The following code illustrates a vulnerable pattern detected by this rule:
import java.net.{InetSocketAddress, Proxy, URL}

// `url` arrives straight from the request; each call below lets the caller
// pick the destination the server connects to.
def testURL(url: String): Unit = {
  // VULNERABLE: Server-Side Request Forgery (SSRF)
  new URL(url).openConnection.connect()
  // VULNERABLE: Server-Side Request Forgery (SSRF) - the proxy host is user-controlled
  new URL("http://safe.com").openConnection(new Proxy(Proxy.Type.HTTP, new InetSocketAddress(url, 8080))).connect()
  // VULNERABLE: Server-Side Request Forgery (SSRF)
  new URL(url).openConnection.getInputStream()
  // VULNERABLE: Server-Side Request Forgery (SSRF)
  new URL(url).openConnection.getLastModified()
  // VULNERABLE: Server-Side Request Forgery (SSRF)
  new URL(url).openStream()
  // VULNERABLE: Server-Side Request Forgery (SSRF)
  new URL(url).getContent()
  // VULNERABLE: Server-Side Request Forgery (SSRF)
  new URL(url).getContent(new Array[Class[_]](0))
}
Remediation
Validate any user-supplied destination before the server issues a request on its behalf, and review the references below for detailed remediation guidance.
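The hardened counterpart of the pattern above, as an added example that is not part of the rule page or of any project's code: the destination is parsed, restricted to an allowlisted scheme and host, checked for embedded credentials, and resolved so that loopback, link-local and RFC 1918 addresses are refused before `openConnection` is ever called. The allowlist contents, the timeouts and the sample inputs in `main` are constructed values chosen for this illustration.

```scala
import java.net.{HttpURLConnection, InetAddress, URI, URL}
import scala.io.Source
import scala.util.Try

object SafeFetch {
  // Assumed allowlist for this example; a real service lists the hosts it actually needs.
  private val AllowedHosts: Set[String]   = Set("api.example.com", "cdn.example.com")
  private val AllowedSchemes: Set[String] = Set("https")

  // Addresses server-side code should never be steered into: loopback, link-local
  // (where cloud metadata services live), site-local (RFC 1918), wildcard, multicast.
  private def isInternal(addr: InetAddress): Boolean =
    addr.isLoopbackAddress || addr.isLinkLocalAddress || addr.isSiteLocalAddress ||
      addr.isAnyLocalAddress || addr.isMulticastAddress

  // Returns the URL to use, or a reason the input was rejected. Every check runs on
  // the parsed URI, so "http://evil@api.example.com" and "https://API.EXAMPLE.COM:8443"
  // are judged on their components rather than on string prefixes.
  def validate(raw: String): Either[String, URL] =
    for {
      uri    <- Try(new URI(raw)).toOption.toRight("malformed URL")
      scheme <- Option(uri.getScheme).map(_.toLowerCase).toRight("missing scheme")
      _      <- Either.cond(AllowedSchemes.contains(scheme), (), s"scheme not allowed: $scheme")
      host   <- Option(uri.getHost).map(_.toLowerCase).toRight("missing host")
      _      <- Either.cond(AllowedHosts.contains(host), (), s"host not on allowlist: $host")
      _      <- Either.cond(uri.getUserInfo == null, (), "userinfo not allowed")
      addrs  <- Try(InetAddress.getAllByName(host)).toOption.toRight("DNS resolution failed")
      _      <- Either.cond(!addrs.exists(isInternal), (), "host resolves to an internal address")
    } yield uri.toURL

  // Fetches the body only after validation succeeds. Redirects are disabled so a
  // validated host cannot bounce the request to one that was never checked.
  def fetch(raw: String): Either[String, String] =
    validate(raw).flatMap { url =>
      Try {
        val conn = url.openConnection()
        conn.setConnectTimeout(3000)
        conn.setReadTimeout(3000)
        conn match {
          case http: HttpURLConnection => http.setInstanceFollowRedirects(false)
          case _                       => ()
        }
        val in = conn.getInputStream
        try Source.fromInputStream(in).mkString finally in.close()
      }.toEither.left.map(e => s"request failed: ${e.getMessage}")
    }

  // Constructed inputs; none of the rejected ones reaches the network.
  def main(args: Array[String]): Unit = {
    val samples = Seq(
      "http://127.0.0.1:8080/admin",          // rejected: scheme
      "https://localhost/",                   // rejected: host not on allowlist
      "https://user:pw@api.example.com/v1",   // rejected: userinfo
      "not a url at all ://",                 // rejected: malformed
      "https://api.example.com/v1/items"      // accepted if DNS resolves to a public address
    )
    samples.foreach(s => println(s"$s -> ${validate(s).map(_ => "allowed")}"))
  }
}
```

The DNS check closes the case where an allowlisted name is pointed at an internal address, but it is a lookup made before the connection, not during it; with a strict host allowlist that gap is acceptable, and where the allowlist cannot be strict the resolved address should be pinned for the actual connection as well.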
References
- OWASP Top 10 2021 - A10: Server-Side Request Forgery.