Statements (22)
| Predicate | Object |
|---|---|
| gptkbp:instance_of |
gptkb:Common_Weakness_Enumeration
|
| gptkbp:bfsLayer |
6
|
| gptkbp:bfsParent |
gptkb:CWE-750
|
| gptkbp:example |
An attacker can use SSRF to access internal services.
|
| gptkbp:has_weakness |
gptkb:CWE-918
|
| https://www.w3.org/2000/01/rdf-schema#label |
CWE-918
|
| gptkbp:impact |
Data exposure
Remote code execution Denial of service |
| gptkbp:is_described_as |
A weakness that allows an attacker to send crafted requests from a vulnerable server to an unintended destination.
|
| gptkbp:is_protected_by |
Implement input validation.
Limit network access for the application. Use a whitelist of allowed destinations. |
| gptkbp:is_referenced_in |
gptkb:CWE-200
gptkb:CWE-22 gptkb:CWE-77 gptkb:API NISTSP 800-53 |
| gptkbp:name |
Server-Side Request Forgery (SSRF)
|
| gptkbp:related_to |
gptkb:CWE-601
gptkb:CWE-74 gptkb:CWE-20 |