CWE-918

Server-Side Request Forgery (SSRF)

The web server receives a URL or similar request from an upstream component and retrieves the contents of this URL, but it does not sufficiently ensure that the request is being sent to the expected destination.
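One way to enforce the destination check that the description says is missing, as an added example that is not part of the CWE entry. The function names, the allowed schemes and ports, and the `*.example.test` names with their DNS answers are assumptions constructed for illustration.

```python
import ipaddress
import socket
from urllib.parse import urlsplit

ALLOWED_SCHEMES = {"http", "https"}  # assumption: only web URLs are fetched
ALLOWED_PORTS = {80, 443}            # assumption: adjust per application

# Constructed DNS answers so the example runs offline (not real records).
SAMPLE_DNS = {
    "cdn.example.test": ["93.184.216.34"],
    "mixed.example.test": ["93.184.216.34", "169.254.169.254"],
    "internal.example.test": ["::ffff:10.0.0.5"],
}


def sample_resolver(host, port):
    """Stand-in resolver: IP literals map to themselves, names use SAMPLE_DNS."""
    return SAMPLE_DNS.get(host, [host])


def system_resolver(host, port):
    """Every address the name resolves to, IPv4 and IPv6."""
    infos = socket.getaddrinfo(host, port, type=socket.SOCK_STREAM)
    return sorted({info[4][0] for info in infos})


def check_destination(url, resolver=system_resolver):
    """Return (host, port, addresses) if the URL may be fetched, else raise ValueError."""
    parts = urlsplit(url)
    if parts.scheme not in ALLOWED_SCHEMES:
        raise ValueError(f"scheme not allowed: {parts.scheme!r}")
    if parts.username is not None or parts.password is not None:
        raise ValueError("credentials in URL not allowed")
    host = parts.hostname
    if not host:
        raise ValueError("URL has no host")
    default_port = 443 if parts.scheme == "https" else 80
    port = parts.port if parts.port is not None else default_port
    if port not in ALLOWED_PORTS:
        raise ValueError(f"port not allowed: {port}")
    addresses = resolver(host, port)
    if not addresses:
        raise ValueError("host did not resolve")
    for text in addresses:  # every answer must pass, not just the first
        ip = ipaddress.ip_address(text.split("%", 1)[0])  # drop IPv6 zone id
        ip = getattr(ip, "ipv4_mapped", None) or ip       # ::ffff:a.b.c.d -> a.b.c.d
        if not ip.is_global or ip.is_multicast:
            raise ValueError(f"{host} resolves to non-public address {ip}")
    return host, port, addresses
```

The fetch should then connect to one of the returned addresses instead of resolving the name again, and apply the same check to every redirect target, so that the address that was validated is the one actually contacted.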

Status
incomplete
Abstraction
base
AI/ML, Web Server

Common Consequences

confidentiality, integrity, access control
Impacts
read application data, execute unauthorized code or commands, bypass protection mechanism

Detection Methods

automated static analysis

Potential Mitigations