Securing Bamboo against potential SSRF attacks

Attackers may use server-side request forgery (SSRF) vulnerabilities to access or modify data and resources that are not directly accessible from outside of your network.

We've been able to determine the following possible attack vectors against Bamboo:

  • The /rest/api/latest/repository/testConnection endpoint allows scanning internal services of the victim's host. This enables the attacker to identify services through port enumeration and discover private files through file enumeration.
  • A harmful webhook set up by an attacker lets them exploit an SSRF vulnerability to scan and read internal files on the victim's host.

If you have any non-public services accessible from the machine hosting your Bamboo instance, we recommend that you enable authentication for those services to protect your network against unauthorized access.

Last updated: February 23, 2022
