Securing against potential SSRF attacks in Bamboo
Attackers may use server-side request forgery (SSRF) vulnerabilities to access or modify data and resources that are not directly accessible from outside of your network.
We've been able to determine the following possible attack vectors against Bamboo:
- The
/rest/api/latest/repository/testConnection
endpoint allows scanning internal services of the victim's host. This enables the attacker to identify services through port enumeration and discover private files through file enumeration. - A harmful webhook set up by an attacker that allows them to exploit an SSRF vulnerability to scan and read internal files on the victim's host.
If you have any non-public services accessible from the machine hosting your Bamboo instance, we recommend that you enable authentication for those services to protect your network against unauthorized access.
Last modified on Jul 1, 2024
Powered by Confluence and Scroll Viewport.