Server-Side Request Forgery (SSRF)
Description
Server-Side Request Forgery occur when a web server executes a request to a user supplied destination parameter that is not validated. Such vulnerabilities could allow an attacker to access internal services or to launch attacks from your web server.
Examples
Insecure Code
kotlin
URL url = new URL(userInput); url.openConnection();Secure Code
kotlin
String[] allowedDomains = {"example.com", "example.org"}; if (Arrays.asList(allowedDomains).contains(url.getHost())) { url.openConnection(); }Remediation
Validate user-supplied destination parameters to prevent Server-Side Request Forgery (SSRF) attacks. Use a whitelist of allowed URLs or domains, and ensure that the URL or domain is properly sanitized and validated before making the request.
Rule Details
| Field | Value |
|---|---|
| ID | CODE-0334 |
| Category | Web |
| Severity | CRITICAL |
| CWE | CWE-918 |
| Confidence | HIGH |
| Impact | HIGH |
| Likelihood | MEDIUM |
| Exploitability | EASY |
| Tags | ssrf, injection |
| OWASP | A1:2017-Injection, A10:2021-Server-Side Request Forgery |