SSRF vulnerability found in Google Cloud
Server-side request forgery (also known as SSRF) is a web security vulnerability that allows an attacker to induce the server-side application to make HTTP requests to an arbitrary domain of the attacker's choosing.
It is a type of attack by the name SSRF, the attacker might cause the server to make a connection to internal-only services within the organization's infrastructure. In other cases, they may be able to force the server to connect to arbitrary external systems, potentially leaking sensitive data such as authorization credentials.
A URL parsing bug left an internal Google Cloud project open to server-side request forgery (SSRF) attacks, security researcher David Schütz has found. Now fixed, the bug, which Schütz has documented in a comprehensive video and blog post, could have allowed an attacker to access sensitive resources and possibly run malicious code.
Schütz found the bug while doing research on Discovery Documents, data structures that provide specifications for Google API services. While exploring the Discovery Documents, Schütz stumbled on an interesting service called Jobs API, whose name suggested it was an internal service.
A successful SSRF attack can often result in unauthorized actions or access to data within the organization, either in the vulnerable application itself or on other back-end systems that the application can communicate with. In some situations, the SSRF vulnerability might allow an attacker to perform arbitrary command execution.
An SSRF exploit that causes connections to external third-party systems might result in malicious onward attacks that appear to originate from the organization hosting the vulnerable application.
SSRF attacks often exploit trust relationships to escalate an attack from the vulnerable application and perform unauthorized actions. These trust relationships might exist in relation to the server itself, or in relation to other back-end systems within the same organization.
The request exposed the proxy app’s access token, which he could then use to send requests to other internal Google Cloud projects. In this particular bug, the core issue was a URL parsing bug, which lead to the SSRF,” Schütz told The Daily Swig.
With eyes on expansion, Calsoft plans to hire 1000 Employees
Calsoft is planning to hire a total of 1000 engineers over the next few quarters in P...
Newgen collaborates with Tech Mahindra to automate the finance process of Premium Credit
Newgen Software has announced that Premium Credit Limited, the leading provider of premium...
Kaspersky, policy experts discuss improving ICT supply chain resilience in APAC
For the past two years, the Asia-Pacific (APAC) region, like the rest of the world, has se...
Sydney drone spectacular sets new vision
ELEVATE Sydney, a new festival held 1-5 January, unveiled the largest drone display in the...
KDEM to ramp up the digital economy by developing cluster cities
As part of its Beyond Bengaluru initiative to ramp up the digital economy across the state...