
Deploying to gh-pages from @ abe74fd 🚀
hendrik-buchwald-sonarsource committed Aug 20, 2024
1 parent e8b1802 commit e182390
Showing 6 changed files with 28 additions and 17 deletions.
2 changes: 1 addition & 1 deletion rules/S7044/csharp-metadata.json
@@ -1 +1 @@
{"title":"Server-side requests should not be vulnerable to traversing attacks","type":"VULNERABILITY","code":{"impacts":{"SECURITY":"LOW"},"attribute":"COMPLETE"},"status":"ready","remediation":{"func":"Constant/Issue","constantCost":"30min"},"tags":["cwe"],"extra":{"replacementRules":[],"legacyKeys":[]},"defaultSeverity":"Major","ruleSpecification":"RSPEC-7044","sqKey":"S7044","scope":"Main","securityStandards":{"CWE":[20,918],"OWASP":["A5"],"OWASP Top 10 2021":["A10"],"PCI DSS 3.2":["6.5.1"],"PCI DSS 4.0":["6.2.4"],"ASVS 4.0":["12.6.1","5.1.3","5.1.4","5.2.6"],"STIG ASD_V5R3":["V-222609"]},"defaultQualityProfiles":["Sonar way"],"educationPrinciples":["defense_in_depth","never_trust_user_input"],"quickfix":"unknown","allKeys":["S7044"],"prUrl":"https://github.com/SonarSource/rspec/pull/4151","branch":"rule/S7044-add-java","languagesSupport":[{"name":"csharp","status":"ready"},{"name":"java","status":"ready"}]}
{"title":"Server-side requests should not be vulnerable to traversing attacks","type":"VULNERABILITY","code":{"impacts":{"SECURITY":"LOW"},"attribute":"COMPLETE"},"status":"ready","remediation":{"func":"Constant/Issue","constantCost":"30min"},"tags":["cwe"],"extra":{"replacementRules":[],"legacyKeys":[]},"defaultSeverity":"Major","ruleSpecification":"RSPEC-7044","sqKey":"S7044","scope":"Main","securityStandards":{"CWE":[20,918],"OWASP":["A5"],"OWASP Top 10 2021":["A10"],"PCI DSS 3.2":["6.5.1"],"PCI DSS 4.0":["6.2.4"],"ASVS 4.0":["12.6.1","5.1.3","5.1.4","5.2.6"],"STIG ASD_V5R3":["V-222609"]},"defaultQualityProfiles":["Sonar way"],"educationPrinciples":["defense_in_depth","never_trust_user_input"],"quickfix":"unknown","allKeys":["S7044"],"prUrl":"https://github.com/SonarSource/rspec/pull/4162","branch":"rule/S7044-add-python","languagesSupport":[{"name":"csharp","status":"ready"},{"name":"java","status":"ready"},{"name":"python","status":"ready"}]}
2 changes: 1 addition & 1 deletion rules/S7044/default-metadata.json
@@ -1 +1 @@
{"title":"Server-side requests should not be vulnerable to traversing attacks","type":"VULNERABILITY","code":{"impacts":{"SECURITY":"LOW"},"attribute":"COMPLETE"},"status":"ready","remediation":{"func":"Constant/Issue","constantCost":"30min"},"tags":["cwe"],"extra":{"replacementRules":[],"legacyKeys":[]},"defaultSeverity":"Major","ruleSpecification":"RSPEC-7044","sqKey":"S7044","scope":"Main","securityStandards":{"CWE":[20,918],"OWASP":["A5"],"OWASP Top 10 2021":["A10"],"PCI DSS 3.2":["6.5.1"],"PCI DSS 4.0":["6.2.4"],"ASVS 4.0":["12.6.1","5.1.3","5.1.4","5.2.6"],"STIG ASD_V5R3":["V-222609"]},"defaultQualityProfiles":["Sonar way"],"educationPrinciples":["defense_in_depth","never_trust_user_input"],"quickfix":"unknown","allKeys":["S7044"],"prUrl":"https://github.com/SonarSource/rspec/pull/4151","branch":"rule/S7044-add-java","languagesSupport":[{"name":"csharp","status":"ready"},{"name":"java","status":"ready"}]}
{"title":"Server-side requests should not be vulnerable to traversing attacks","type":"VULNERABILITY","code":{"impacts":{"SECURITY":"LOW"},"attribute":"COMPLETE"},"status":"ready","remediation":{"func":"Constant/Issue","constantCost":"30min"},"tags":["cwe"],"extra":{"replacementRules":[],"legacyKeys":[]},"defaultSeverity":"Major","ruleSpecification":"RSPEC-7044","sqKey":"S7044","scope":"Main","securityStandards":{"CWE":[20,918],"OWASP":["A5"],"OWASP Top 10 2021":["A10"],"PCI DSS 3.2":["6.5.1"],"PCI DSS 4.0":["6.2.4"],"ASVS 4.0":["12.6.1","5.1.3","5.1.4","5.2.6"],"STIG ASD_V5R3":["V-222609"]},"defaultQualityProfiles":["Sonar way"],"educationPrinciples":["defense_in_depth","never_trust_user_input"],"quickfix":"unknown","allKeys":["S7044"],"prUrl":"https://github.com/SonarSource/rspec/pull/4162","branch":"rule/S7044-add-python","languagesSupport":[{"name":"csharp","status":"ready"},{"name":"java","status":"ready"},{"name":"python","status":"ready"}]}
2 changes: 1 addition & 1 deletion rules/S7044/java-metadata.json
@@ -1 +1 @@
{"title":"Server-side requests should not be vulnerable to traversing attacks","type":"VULNERABILITY","code":{"impacts":{"SECURITY":"LOW"},"attribute":"COMPLETE"},"status":"ready","remediation":{"func":"Constant/Issue","constantCost":"30min"},"tags":["cwe"],"extra":{"replacementRules":[],"legacyKeys":[]},"defaultSeverity":"Major","ruleSpecification":"RSPEC-7044","sqKey":"S7044","scope":"Main","securityStandards":{"CWE":[20,918],"OWASP":["A5"],"OWASP Top 10 2021":["A10"],"PCI DSS 3.2":["6.5.1"],"PCI DSS 4.0":["6.2.4"],"ASVS 4.0":["12.6.1","5.1.3","5.1.4","5.2.6"],"STIG ASD_V5R3":["V-222609"]},"defaultQualityProfiles":["Sonar way"],"educationPrinciples":["defense_in_depth","never_trust_user_input"],"quickfix":"unknown","allKeys":["S7044"],"prUrl":"https://github.com/SonarSource/rspec/pull/4151","branch":"rule/S7044-add-java","languagesSupport":[{"name":"csharp","status":"ready"},{"name":"java","status":"ready"}]}
{"title":"Server-side requests should not be vulnerable to traversing attacks","type":"VULNERABILITY","code":{"impacts":{"SECURITY":"LOW"},"attribute":"COMPLETE"},"status":"ready","remediation":{"func":"Constant/Issue","constantCost":"30min"},"tags":["cwe"],"extra":{"replacementRules":[],"legacyKeys":[]},"defaultSeverity":"Major","ruleSpecification":"RSPEC-7044","sqKey":"S7044","scope":"Main","securityStandards":{"CWE":[20,918],"OWASP":["A5"],"OWASP Top 10 2021":["A10"],"PCI DSS 3.2":["6.5.1"],"PCI DSS 4.0":["6.2.4"],"ASVS 4.0":["12.6.1","5.1.3","5.1.4","5.2.6"],"STIG ASD_V5R3":["V-222609"]},"defaultQualityProfiles":["Sonar way"],"educationPrinciples":["defense_in_depth","never_trust_user_input"],"quickfix":"unknown","allKeys":["S7044"],"prUrl":"https://github.com/SonarSource/rspec/pull/4162","branch":"rule/S7044-add-python","languagesSupport":[{"name":"csharp","status":"ready"},{"name":"java","status":"ready"},{"name":"python","status":"ready"}]}
35 changes: 23 additions & 12 deletions rules/S7044/python-description.html
Expand Up @@ -23,12 +23,18 @@ <h2 id="_why_is_this_an_issue">Why is this an issue?</h2>
<div class="sect2">
<h3 id="_what_is_the_potential_impact">What is the potential impact?</h3>
<div class="paragraph">
<p>The impact of SSRF vulnerabilities can vary greatly depending on the context in
which the user input is used.</p>
</div>
<div class="sect3">
<h4 id="_api_traversal">API Traversal</h4>
<div class="paragraph">
<p>In a path traversal SSRF attack, the attacker can manipulate the path of the
server-side request to traverse through different endpoints of an API. This can
lead to several potential impacts:</p>
</div>
<div class="sect3">
<h4 id="_unauthorized_access_to_api_endpoints">Unauthorized access to API endpoints</h4>
<div class="sect4">
<h5 id="_unauthorized_access_to_api_endpoints">Unauthorized access to API endpoints</h5>
<div class="paragraph">
<p>By manipulating the path of the server-side request, an attacker can potentially
access API endpoints that are not intended to be publicly accessible. This could
Expand All @@ -37,8 +43,8 @@ <h4 id="_unauthorized_access_to_api_endpoints">Unauthorized access to API endpoi
unauthorized actions being performed on the server.</p>
</div>
</div>
<div class="sect3">
<h4 id="_manipulation_of_api_responses">Manipulation of API responses</h4>
<div class="sect4">
<h5 id="_manipulation_of_api_responses">Manipulation of API responses</h5>
<div class="paragraph">
<p>If an attacker can manipulate the path of a server-side request to traverse to
different API endpoints, they could potentially influence the responses that the
Expand All @@ -50,6 +56,7 @@ <h4 id="_manipulation_of_api_responses">Manipulation of API responses</h4>
</div>
</div>
</div>
</div>
<div class="sect1">
<h2 id="_how_to_fix_it">How to fix it</h2>
<div class="sectionbody">
Expand Down Expand Up @@ -95,16 +102,20 @@ <h3 id="_how_does_this_work">How does this work?</h3>
<div class="sect3">
<h4 id="_url_encoding">URL-encoding</h4>
<div class="paragraph">
<p>One common and effective way to prevent path traversal SSRF attacks is by
URL-encoding user input before using it as part of a URL. URL-encoding, also
known as percent-encoding, is a mechanism for encoding information in a
Uniform Resource Identifier (URI) under certain circumstances.</p>
<p>A common method to mitigate path traversal SSRF attacks involves URL-encoding
user input prior to its incorporation into a URL. URL-encoding, or
percent-encoding, is a technique used to encode certain information within a
Uniform Resource Identifier (URI). This is achieved by transforming potentially
malicious characters, such as <code>../</code>, into a safe encoded format that can be
safely included in a URL without modifying the intended path.</p>
</div>
<div class="paragraph">
<p>In the context of preventing path traversal SSRF attacks, URL-encoding can be
used to ensure that any user-supplied input is safely incorporated into a URL.
This works by converting potentially harmful characters, such as <code>../</code>, into a
safe format that can be included in a URL without altering the intended path.</p>
<p>However, it is crucial to note that simply encoding the user input might not be
sufficient in all cases due to varying behaviors of different servers.
Therefore, it is recommended to move the dynamic, user-controlled input from the
actual path of the URL to the query string, if possible. This further reduces
the risk of path traversal, as the query string is less likely to be
misinterpreted by the server as a directory traversal command.</p>
</div>
</div>
</div>
Expand Down
2 changes: 1 addition & 1 deletion rules/S7044/python-metadata.json
@@ -1 +1 @@
{"title":"Server-side requests should not be vulnerable to traversing attacks","type":"VULNERABILITY","code":{"impacts":{"SECURITY":"LOW"},"attribute":"COMPLETE"},"status":"ready","remediation":{"func":"Constant/Issue","constantCost":"30min"},"tags":["cwe"],"extra":{"replacementRules":[],"legacyKeys":[]},"defaultSeverity":"Major","ruleSpecification":"RSPEC-7044","sqKey":"S7044","scope":"Main","securityStandards":{"CWE":[20,918],"OWASP":["A5"],"OWASP Top 10 2021":["A10"],"PCI DSS 3.2":["6.5.1"],"PCI DSS 4.0":["6.2.4"],"ASVS 4.0":["12.6.1","5.1.3","5.1.4","5.2.6"],"STIG ASD_V5R3":["V-222609"]},"defaultQualityProfiles":["Sonar way"],"educationPrinciples":["defense_in_depth","never_trust_user_input"],"quickfix":"unknown","allKeys":["S7044"],"prUrl":"https://github.com/SonarSource/rspec/pull/4162","branch":"rule/S7044-add-python","languagesSupport":[{"name":"csharp","status":"ready"},{"name":"python","status":"ready"}]}
{"title":"Server-side requests should not be vulnerable to traversing attacks","type":"VULNERABILITY","code":{"impacts":{"SECURITY":"LOW"},"attribute":"COMPLETE"},"status":"ready","remediation":{"func":"Constant/Issue","constantCost":"30min"},"tags":["cwe"],"extra":{"replacementRules":[],"legacyKeys":[]},"defaultSeverity":"Major","ruleSpecification":"RSPEC-7044","sqKey":"S7044","scope":"Main","securityStandards":{"CWE":[20,918],"OWASP":["A5"],"OWASP Top 10 2021":["A10"],"PCI DSS 3.2":["6.5.1"],"PCI DSS 4.0":["6.2.4"],"ASVS 4.0":["12.6.1","5.1.3","5.1.4","5.2.6"],"STIG ASD_V5R3":["V-222609"]},"defaultQualityProfiles":["Sonar way"],"educationPrinciples":["defense_in_depth","never_trust_user_input"],"quickfix":"unknown","allKeys":["S7044"],"prUrl":"https://github.com/SonarSource/rspec/pull/4162","branch":"rule/S7044-add-python","languagesSupport":[{"name":"csharp","status":"ready"},{"name":"java","status":"ready"},{"name":"python","status":"ready"}]}
2 changes: 1 addition & 1 deletion rules/rule-index.json

