low

Oracle Apiary SSRF

Published Tue, Feb 8th, 2022

Platforms

oci

Summary

By misusing the Apiary web service and taking advantage of Apiary's use of IMDSv1, a remote attacker is able to retrieve sensitive information from various endpoints and use it to gain more access and sensitive data of other hosts in the same environment.

Affected Services

Apiary

Remediation

None required

Tracked CVEs

No tracked CVEs

References

https://orca.security/resources/blog/oracle-server-side-request-forgery-ssrf-attack-metadata/

Contributed by https://github.com/ramimac

Entry Status

Finalized

Disclosure Date

Tue, Feb 8th, 2022

Exploitability Period

-

Known ITW Exploitation

-

Detection Methods

None

Piercing Index Rating

-

Discovered by

Lidor Ben Shitrit, Orca Security

More vulnerabilities...

low

Codebuild data exfiltration

aws

When customers attach a CodeBuild project to their VPC, CodeBuild’s build container will apply the same network routing rules as defined in the customer’s VPC Security Group. However, CodeBuild EC2...

Aidan Steele
critical

SuperGlue

aws

Compromise of internal AWS Glue service to assume the glue role in any AWS account that used glue.

Yanir Tsarimi, Orca Security
critical

BreakingFormation

aws

Read access of host of AWS internal Cloudformation service via XXE SSRF. The level of access with the compromised IAM role from there is unclear.

Tzah Pahima, Orca Security
View all