Statements (22)
Predicate | Object |
---|---|
gptkbp:instance_of |
gptkb:Common_Weakness_Enumeration
|
gptkbp:description |
A weakness that allows an attacker to send crafted requests from a vulnerable server to an unintended destination.
|
gptkbp:example |
An attacker can use SSRF to access internal services.
|
gptkbp:has_weakness |
gptkb:CWE-918
|
https://www.w3.org/2000/01/rdf-schema#label |
CWE-918
|
gptkbp:impact |
Data exposure
Remote code execution Denial of service |
gptkbp:is_referenced_in |
gptkb:CWE-200
gptkb:CWE-22 gptkb:CWE-77 gptkb:NIST_SP_800-53 gptkb:OWASP_Top_Ten |
gptkbp:name |
Server-Side Request Forgery (SSRF)
|
gptkbp:prevention |
Implement input validation.
Limit network access for the application. Use a whitelist of allowed destinations. |
gptkbp:related_to |
gptkb:CWE-601
gptkb:CWE-74 gptkb:CWE-20 |
gptkbp:bfsParent |
gptkb:CWE-750
|
gptkbp:bfsLayer |
8
|