Vulnerability Details : CVE-2023-28155
The Request package through 2.88.1 for Node.js allows a bypass of SSRF mitigations via an attacker-controlled server that does a cross-protocol redirect (HTTP to HTTPS, or HTTPS to HTTP). NOTE: This vulnerability only affects products that are no longer supported by the maintainer.
Vulnerability category: Server-side request forgery (SSRF)
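The description above states the mechanism: a redirect check that is satisfied by the initial URL can be bypassed when the attacker's server answers with a redirect to a different scheme. The following is an added example, not code from the request project and not a reproduction of its internals; it shows a redirect policy that re-validates every hop, including the scheme, before following it, beside a weak policy that trusts every redirect target. The function names (`isAllowedUrl`, `strictPolicy`, `followRedirects`), the private-range patterns and the redirect chain are all constructed for the illustration; `followRedirects` simulates the client, it makes no network requests.

```javascript
// Added example (not the request library's code): a per-hop redirect policy
// versus a policy that validates only the initial URL. All names and the
// redirect chain are constructed for illustration.

// Hosts an outbound fetcher should never reach: loopback, RFC 1918 private
// ranges and link-local. These match literal hostnames only; a production
// check would also resolve DNS and re-check the resolved address.
const PRIVATE_HOST_PATTERNS = [
  /^localhost$/i,
  /^127\.\d+\.\d+\.\d+$/,
  /^\[::1\]$/,
  /^10\.\d+\.\d+\.\d+$/,
  /^172\.(1[6-9]|2\d|3[01])\.\d+\.\d+$/,
  /^192\.168\.\d+\.\d+$/,
  /^169\.254\.\d+\.\d+$/,
];

function isPrivateHost(hostname) {
  return PRIVATE_HOST_PATTERNS.some((re) => re.test(hostname));
}

// Validates one URL in isolation: HTTP(S) only, and not a private host.
function isAllowedUrl(url) {
  return (url.protocol === 'http:' || url.protocol === 'https:') && !isPrivateHost(url.hostname);
}

// Weak policy: the caller checked the initial URL once, and every redirect
// target is then followed unseen. This is the shape of mitigation a
// cross-protocol redirect slips past.
function weakPolicy(_from, _to) {
  return true;
}

// Strict policy: every hop must pass isAllowedUrl on its own, and the scheme
// may not change between hops, so HTTP<->HTTPS redirects are refused outright.
function strictPolicy(from, to) {
  return isAllowedUrl(to) && from.protocol === to.protocol;
}

// Simulates a redirect-following client. `locations` maps a URL string to the
// Location header its (constructed) server answers with; a URL absent from the
// map stands for a final 200 response. Returns the terminal URL, or the hop at
// which the policy refused to continue.
function followRedirects(startUrl, locations, policy, maxHops = 5) {
  let current = new URL(startUrl);
  if (!isAllowedUrl(current)) return { finalUrl: null, refusedAt: current.href, hops: 0 };
  let hops = 0;
  while (locations.has(current.href) && hops < maxHops) {
    const next = new URL(locations.get(current.href), current); // resolve relative Location
    hops += 1;
    if (!policy(current, next)) {
      return { finalUrl: null, refusedAt: next.href, hops };
    }
    current = next;
  }
  return { finalUrl: current.href, refusedAt: null, hops };
}

// Constructed chain: an HTTPS server under outside control redirects to a
// plain-HTTP URL on a private address.
const CONSTRUCTED_CHAIN = new Map([
  ['https://redirector.example/start', 'http://10.0.0.5/internal'],
]);

function demo() {
  return {
    weak: followRedirects('https://redirector.example/start', CONSTRUCTED_CHAIN, weakPolicy),
    strict: followRedirects('https://redirector.example/start', CONSTRUCTED_CHAIN, strictPolicy),
  };
}

if (typeof require !== 'undefined' && require.main === module) {
  console.log(JSON.stringify(demo(), null, 2));
}
```

Run with `node` to see both outcomes: the weak policy ends at `http://10.0.0.5/internal`, the strict policy stops at that hop with `finalUrl: null`. The scheme-equality rule in `strictPolicy` is what refuses the cross-protocol redirect even when the target host would otherwise pass the private-range check; the per-hop `isAllowedUrl` call is what catches a same-scheme redirect into a private range.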
Products affected by CVE-2023-28155
- cpe:2.3:a:request_project:request:*:*:*:*:*:node.js:*:*
Exploit prediction scoring system (EPSS) score for CVE-2023-28155
- EPSS score: 0.12% (probability of exploitation activity in the next 30 days)
- EPSS percentile: ~46% (the proportion of vulnerabilities scored at or below this score)
CVSS scores for CVE-2023-28155
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen
---|---|---|---|---|---|---
6.1 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N | 2.8 | 2.7 | NIST | 
CWE ids for CVE-2023-28155
- The web server receives a URL or similar request from an upstream component and retrieves the contents of this URL, but it does not sufficiently ensure that the request is being sent to the expected destination. Assigned by: nvd@nist.gov (Primary)
References for CVE-2023-28155
- https://security.netapp.com/advisory/ntap-20230413-0007/ : CVE-2023-28155 Node.js Vulnerability in NetApp Products | NetApp Product Security
- https://github.com/request/request/pull/3444 : Ssrf fix by SzymonDrosdzol · Pull Request #3444 · request/request · GitHub (Patch)
- https://github.com/request/request/issues/3442 : CVE-2023-28155 Request allows a bypass of SSRF mitigations via an attacker-controller server that does a cross-protocol redirect · Issue #3442 · request/request · GitHub (Exploit; Issue Tracking; Patch; Technical Description; Vendor Advisory)
- https://doyensec.com/resources/Doyensec_Advisory_RequestSSRF_Q12023.pdf (Exploit; Patch; Technical Description; Third Party Advisory)