PRIOn knowledge base: PRION:CVE-2022-43776
History: Oct 26, 2022 - 6:15 p.m.

Server side request forgery (SSRF)

2022-10-26 18:15:00
PRIOn knowledge base
www.prio-n.com
server side request forgery
api endpoint
metabase vulnerability
301 redirects
302 redirects

AI Score: 6.4 Medium (Confidence: High)

EPSS: 0.001 Low (Percentile: 32.9%)

The url parameter of the /api/geojson endpoint in Metabase versions <44.5 can be used to perform Server Side Request Forgery attacks. Previously implemented blacklists could be circumvented by leveraging 301 and 302 redirects.

CPE Name | Operator | Version
metabase | lt | 0.44.5
