Skip to content
Snippets Groups Projects
Open Glassfish SSRF vulnerability in /download/log endpoint
  • View options

    • Glassfish SSRF vulnerability in /download/log endpoint

  • View options
    • Open Issue created by Thomas Neidhart

    Basic information

    Project name: Glassfish

    Project id: ee4j.glassfish

    What are the affected versions?

    [6.2.5 - ?]

    Details of the issue

    I discovered SSRF vulnerability in glassfish 6.2.5 product. It's details; Vulnerable Path:https://[targetexample]:4848/download/log/?contentSourceId=LogViewer&start=56783&instanceName=server&restUrl=https%3A%2F%2Flocalhost%3A4848%2Fmanagement%2Fdomain Vulnerable parameter: restUrl OS: Ubuntu 22.04 Payload: https%3A%2F%2Flocalhost%3A4848

    The specified vulnerable parameter (restUrl) causes the SSRF vulnerability. In this way, an attacker can obtain critical and sensitive service information for the system, such as port scanning. Or, he can direct the server information to other resources within the network. This situation is shown in order below.

    image

    image

    image

    image

    • Merge request
    • Branch

    Linked items ... 0

    • Activity

    • All activity
    • Comments only
    • History only
    • Newest first
    • Oldest first
    Loading Loading Loading Loading Loading Loading Loading Loading Loading Loading

    Copyright © Eclipse Foundation, Inc. All Rights Reserved.     Privacy Policy | Terms of Use | Copyright Agent