diff --git a/rules/S7044/impact.adoc b/rules/S7044/impact.adoc index e4fabb68d95..9cd0f6a817d 100644 --- a/rules/S7044/impact.adoc +++ b/rules/S7044/impact.adoc @@ -1,10 +1,15 @@ === What is the potential impact? +The impact of partial SSRF vulnerability can vary greatly depending on the +context in which the user input is used. + +==== API Traversal + In a path traversal SSRF attack, the attacker can manipulate the path of the server-side request to traverse through different endpoints of an API. This can lead to several potential impacts: -==== Unauthorized access to API endpoints +===== Unauthorized access to API endpoints By manipulating the path of the server-side request, an attacker can potentially access API endpoints that are not intended to be publicly accessible. This could @@ -12,7 +17,7 @@ include endpoints that provide access to sensitive data or functionality. Unauthorized access to these endpoints could lead to data breaches or unauthorized actions being performed on the server. -==== Manipulation of API responses +===== Manipulation of API responses If an attacker can manipulate the path of a server-side request to traverse to different API endpoints, they could potentially influence the responses that the 
@@ -20,3 +25,24 @@ server sends back. This could lead to incorrect or misleading data being returned, which could have a variety of impacts depending on the nature of the application and the data involved. +==== Parameter Pollution + +Partial SSRF vulnerabilities can also lead to a situation known as parameter +pollution. This occurs when an attacker is able to manipulate the path of a +server-side request to include additional parameters or to overwrite existing +ones. + +===== Manipulation of application behavior + +Parameter pollution can lead to unexpected application behavior. By adding or +modifying parameters, an attacker can potentially change the way the application +processes the request. This could lead to unauthorized actions being performed, +or sensitive data being exposed. + +===== Bypassing security controls + +In some cases, parameter pollution can be used to bypass security controls. For +example, an attacker might be able to overwrite a security-related parameter to +weaken the application's defenses. This could potentially allow the attacker to +carry out further attacks that would otherwise be prevented. +
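Review bot: in the first hunk (@@ -1,10 +1,15 @@) the added intro sentence "The impact of partial SSRF vulnerability can vary greatly" is missing an article; suggest "The impact of a partial SSRF vulnerability can vary greatly". The new heading "==== API Traversal" is followed directly by the unchanged sentence "In a path traversal SSRF attack", so the section is named one thing and described as another; pick one term and use it in both places. The new heading is also in title case, while the sub-headings demoted beneath it ("Unauthorized access to API endpoints") use sentence case.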
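Review bot: in the last hunk (@@ -20,3 +25,24 @@) the "Parameter Pollution" paragraph says the attacker manipulates "the path of a server-side request to include additional parameters". This reuses the API Traversal wording and never says how input placed in the path ends up adding or overwriting parameters. Suggest one sentence explaining that the user-controlled value is placed into the request URL as-is (for example, concatenated without encoding), so it is not confined to the path segment. The sentence "This could lead to unauthorized actions being performed, or sensitive data being exposed" also repeats the impact already given under API Traversal; consider describing what is specific to parameter changes instead. The hunk ends with an added empty line at the end of the file, which can be dropped.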