Server-Side Request Forgery (SSRF)

Property
Language: python
Severity: low
CWE: CWE-918: Server-Side Request Forgery (SSRF)
OWASP: A10:2021 - Server-Side Request Forgery (SSRF)
Confidence Level: Low
Impact Level: Medium
Likelihood Level: Low

Description

User data flows into the host portion of this manually-constructed URL. This could allow an attacker to send data to their own server, potentially exposing sensitive data such as cookies or authorization information sent with this request. They could also probe internal servers or other resources that the server running this code can access. (This is called server-side request forgery, or SSRF.) Do not allow arbitrary hosts. Instead, create an allowlist for approved hosts, or hardcode the correct host.

Server-Side Request Forgery (SSRF)

Property
Language: python
Severity: high
CWE: CWE-918: Server-Side Request Forgery (SSRF)
OWASP: A10:2021 - Server-Side Request Forgery (SSRF)
Confidence Level: Medium
Impact Level: High
Likelihood Level: Medium

Description

User-supplied data from a web request is being used directly to build the URL for an outgoing server-side HTTP request. This allows attackers to control where your server connects, which is unsafe if not properly validated.

Impact

If exploited, an attacker could make your server send requests to internal services or arbitrary external sites, potentially exposing sensitive data, enabling attacks on internal infrastructure, or using your server as a proxy for further attacks. This can lead to data breaches, service disruptions, or unauthorized access to internal resources.

Server-Side Request Forgery (SSRF)

Property
Language: python
Severity: high
CWE: CWE-918: Server-Side Request Forgery (SSRF)
OWASP: A10:2021 - Server-Side Request Forgery (SSRF)
Confidence Level: Medium
Impact Level: High
Likelihood Level: Medium

Description

User-supplied input from the HTTP request is being used directly to construct URLs for server-side requests with urllib without validation. This lets attackers control the destination of backend requests, which is unsafe.

Impact

An attacker could make your server send requests to internal services or sensitive resources, potentially accessing private data or performing actions on behalf of your server. This could lead to data leaks, unauthorized access to infrastructure, or be leveraged to further compromise your environment.

Server-Side Request Forgery (SSRF)

Property
Language: ruby
Severity: medium
CWE: CWE-918: Server-Side Request Forgery (SSRF)
OWASP: A10:2021 - Server-Side Request Forgery (SSRF)
Confidence Level: Medium
Impact Level: Medium
Likelihood Level: Medium

Description

The application uses user-supplied input (like params, cookies, or request headers) to build HTTP requests without validation. This allows attackers to control the destination or content of outbound requests from your server.

Impact

An attacker could trick your server into making unintended requests to internal or external systems, potentially exposing sensitive data, accessing internal resources, or being used as a proxy for malicious activity. This can lead to data breaches, unauthorized access, or service misuse.

Service accounts should not have roles assigned with excessive privileges

Property
Language: terraform
Severity: high
Service: iam
Provider: Google
Vulnerability Type: misconfiguration

Description

The configuration assigns overly broad or privileged IAM roles to Google service accounts, granting them more permissions than necessary. This increases the risk of unauthorized access if the service account is compromised.

Impact

If a service account with excessive privileges is breached, an attacker could gain control over sensitive resources, escalate privileges, and potentially take over the entire Google Cloud project or account, leading to data loss or service disruption.

Service with External IP

Property
Language: terraform
Severity: high
Vulnerability Type: omission

Description

Defining external IP addresses in a Kubernetes Service configuration exposes the service directly to the internet, bypassing network controls and increasing exposure to external threats, including known vulnerabilities like CVE-2020-8554.

Impact

Attackers could exploit internet-exposed services to gain unauthorized access, perform network attacks, or intercept traffic, leading to data breaches, service disruption, or lateral movement within the cluster.

Resolution

Do not set spec.externalIPs in the Service manifest; expose the service through a LoadBalancer or Ingress resource that is subject to the cluster's network controls instead.

Shielded GKE nodes not enabled

Property
Language: terraform
Severity: high
Service: gke
Provider: Google
Vulnerability Type: misconfiguration

Description

GKE clusters are configured without Shielded Nodes, meaning node identity and integrity verification features are not enabled. This leaves the nodes more susceptible to tampering or unauthorized modifications.

Impact

Without Shielded Nodes, attackers could compromise the underlying node infrastructure, potentially leading to undetected node-level attacks, privilege escalation, or data breaches that jeopardize cluster security and workload integrity.

SNS topic not encrypted with CMK

Property
Language: terraform
Severity: high
Service: sns
Provider: AWS
Vulnerability Type: misconfiguration

Description

The SNS topic is encrypted using the default AWS-managed KMS key instead of a customer managed key (CMK), limiting control over key rotation, access policies, and lifecycle. This configuration reduces the ability to enforce strict security requirements for sensitive notifications.

Impact

Using the default AWS-managed KMS key restricts granular control over key management, making it harder to enforce access restrictions or respond to key compromise. If compromised, unauthorized users might gain access to sensitive topic data, and compliance requirements for data protection may not be met.

Spaces bucket or bucket object has public read acl set

Property
Language: terraform
Severity: critical
Service: spaces
Provider: DigitalOcean
Vulnerability Type: misconfiguration

Description

A DigitalOcean Spaces bucket or object is configured with a public read ACL, allowing anyone on the internet to access its contents without authentication. This exposes sensitive files or data stored in the bucket to unauthorized users.

Impact

If exploited, attackers or unauthorized individuals can freely read, download, or index all publicly exposed bucket files. This can lead to information disclosure, data leaks, compliance violations, or reputational damage for the organization.

Spaces buckets should have versioning enabled

Property
Language: terraform
Severity: medium
Service: spaces
Provider: DigitalOcean
Vulnerability Type: omission

Description

The Spaces bucket is created without versioning enabled, meaning only the latest version of each object is stored. This configuration lacks protection against accidental or malicious deletion or modification of data.

Impact

Without versioning, any deleted or overwritten objects in the bucket cannot be recovered, increasing the risk of permanent data loss due to user error, application bugs, or malicious actions. This can lead to data unavailability and potential disruption of business operations.