Security Test: Partial SSRF
Description
Default Severity:
Partial SSRF occurs when a server makes an outbound request that is built partly from user-controllable input, so an attacker can subtly influence where or how that request is sent. This may let them reach internal services or data the server should not normally expose, creating a risk of unauthorized data disclosure or even remote code execution. Developers often enable this unintentionally by trusting a portion of user input (a path segment, a host label, a query parameter) when constructing server-side requests, which makes it easier for attackers to slip in malicious values. It is dangerous because it opens an indirect path to internal systems that are not reachable from outside, so knowing exactly where and how user input flows into server-side requests is key to preventing this class of vulnerability.
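The risky pattern described above beside a hardened form, as an added example that is not code from this page or from the scanner: the server appends a user-supplied report id to a fixed internal URL. `naive_url`, `safe_url`, `is_partial_ssrf` and the upstream host `reports.internal.example` are constructed for illustration.

```python
import posixpath
import re
from urllib.parse import urlsplit

# Constructed upstream for the example: an internal service the server calls.
ALLOWED_HOST = "reports.internal.example"
BASE_URL = f"https://{ALLOWED_HOST}/v1/reports/"
PATH_PREFIX = "/v1/reports/"
# Allowlist for the user-controlled fragment: a single opaque identifier.
SEGMENT_RE = re.compile(r"[A-Za-z0-9_-]{1,64}")


def naive_url(user_segment: str) -> str:
    """Risky pattern: the user-controlled fragment is concatenated as-is."""
    return BASE_URL + user_segment


def resolved_path(url: str) -> str:
    """Path the upstream will actually see once '..' segments are resolved."""
    return posixpath.normpath(urlsplit(url).path)


def is_partial_ssrf(user_segment: str) -> bool:
    """Detection helper: does naive concatenation let this input change the
    upstream host, leave the intended path prefix, or add a query/fragment?"""
    url = naive_url(user_segment)
    parts = urlsplit(url)
    return (parts.hostname != ALLOWED_HOST
            or not resolved_path(url).startswith(PATH_PREFIX)
            or bool(parts.query) or bool(parts.fragment))


def safe_url(user_segment: str) -> str:
    """Hardened pattern: allowlist the fragment, then re-parse the final URL
    and confirm scheme, host and path prefix are still what was intended."""
    if not SEGMENT_RE.fullmatch(user_segment):
        raise ValueError("report id must match [A-Za-z0-9_-]{1,64}")
    url = BASE_URL + user_segment
    parts = urlsplit(url)
    if parts.scheme != "https" or parts.hostname != ALLOWED_HOST:
        raise ValueError("upstream host changed")
    if (not resolved_path(url).startswith(PATH_PREFIX)
            or parts.query or parts.fragment):
        raise ValueError("path escaped the reports prefix")
    return url


def accepts(user_segment: str) -> bool:
    """True if safe_url() would forward this input, False if it rejects it."""
    try:
        safe_url(user_segment)
        return True
    except ValueError:
        return False
```

The re-parse check in `safe_url` is defence in depth: the allowlist alone already blocks every input flagged by `is_partial_ssrf`, but validating the assembled URL catches a future change to `BASE_URL` or the regex.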
Reference:
Configuration
Identifier:
request_forgery/ssrf_partial
Examples
All configuration available:
```yaml
checks:
  request_forgery/ssrf_partial:
    skip: false # default
    options:
      skip_objects: # cf. Options below
```
Options
Options can be set in the options key of the Security Test Configuration.
Property | Type | Default | Description |
---|---|---|---|
skip_objects | List[string] | | List of objects that are to be skipped by the security test. |
Compliance and Standards
Standard | Value |
---|---|
OWASP API Top 10 | API6:2023 |
OWASP LLM Top 10 | LLM06:2023 |
PCI DSS | 6.5.9 |
GDPR | Article-32 |
SOC2 | CC1 |
PSD2 | Article-95 |
ISO 27001 | A.14.2 |
NIST | SP800-53 |
FedRAMP | AC-4 |
CWE | 918 |
CVSS Vector | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N/E:H/RL:O/RC:C |
CVSS Score | 6.2 |