SSRF vulnerability found in Google Cloud
Server-side request forgery (also known as SSRF) is a web security vulnerability that allows an attacker to induce the server-side application to make HTTP requests to an arbitrary domain of the attacker's choosing.
It is a type of attack by the name SSRF, the attacker might cause the server to make a connection to internal-only services within the organization's infrastructure. In other cases, they may be able to force the server to connect to arbitrary external systems, potentially leaking sensitive data such as authorization credentials.
A URL parsing bug left an internal Google Cloud project open to server-side request forgery (SSRF) attacks, security researcher David Schütz has found. Now fixed, the bug, which Schütz has documented in a comprehensive video and blog post, could have allowed an attacker to access sensitive resources and possibly run malicious code.
Schütz found the bug while doing research on Discovery Documents, data structures that provide specifications for Google API services. While exploring the Discovery Documents, Schütz stumbled on an interesting service called Jobs API, whose name suggested it was an internal service.
A successful SSRF attack can often result in unauthorized actions or access to data within the organization, either in the vulnerable application itself or on other back-end systems that the application can communicate with. In some situations, the SSRF vulnerability might allow an attacker to perform arbitrary command execution.
An SSRF exploit that causes connections to external third-party systems might result in malicious onward attacks that appear to originate from the organization hosting the vulnerable application.
SSRF attacks often exploit trust relationships to escalate an attack from the vulnerable application and perform unauthorized actions. These trust relationships might exist in relation to the server itself, or in relation to other back-end systems within the same organization.
The request exposed the proxy app’s access token, which he could then use to send requests to other internal Google Cloud projects. In this particular bug, the core issue was a URL parsing bug, which lead to the SSRF,” Schütz told The Daily Swig.
Avaya inks strategic partnership with Alcatel-Lucent Enterprise
Avaya and Alcatel-Lucent Enterprise have announced at GITEX Global the next phase of their...
SunTec Business Solutions and Whatfix to drive adoption of SaaS products
SunTec Business Solutions has announced the strategic partnership and integration of its p...
Speakers call for creating an AI ecosystem for building a growth engine for Odisha, at the 3rd Odias in ML Global Conference
Entrepreneurs, technologists, policymakers, academicians, industry executives, and student...
Autodesk paves the way to power digital transformation in the Cloud
Autodesk has kicked off Autodesk University (AU) 2022, the company’s annual design c...
DSCI’s National CoE and IIT Bombay host Cybersecurity R&D Roadshow 2022
National Cybersecurity Centre of Excellence (NCoE), a joint initiative of Data Security Co...
New draft of Data Protection Bill is being worked on to augment efficient usage knowing it would be used by the industry: Additional Secretary, Meity
Speaking at the CII International Technology Summit 2022 “Technology 4.0 Adoption, A...