Security Research & Advisories

Server-Side Request Forgery (SSRF) in cBioPortal v6.0.8 and below

Vendor
Product cBioPortal for Cancer Genomics
Affected Version(s) v6.0.8 and below (earlier releases were not tested but are probably affected as well)
Tested Version(s) v6.0.8 and v5.4.10
Vendor Notification 17 June 2024
Advisory Publication 17 June 2024 [without technical details]
Vendor Fix N/A
Public Disclosure 17 July 2024
Latest Modification 17 June 2024
CVE Identifier Pending
Product Description The cBioPortal for Cancer Genomics provides visualization, analysis, and download of large-scale cancer genomics data sets.
Credits Lim Chin Boon, Security Researcher & Penetration Tester @ wizlynx group

Vulnerability Details

Server-Side Request Forgery (SSRF)
Severity: High
CVSS Score: 8.3
CWE-ID: CWE-918 (Server-Side Request Forgery)
Status: Open
Vulnerability Description
cBioPortal for Cancer Genomics, an open-source web application, is affected by a Server-Side Request Forgery (SSRF) vulnerability in v6.0.8 and below. A server-side function fetches a URL that an attacker can influence, so the attacker can point the server's outbound request at hosts and ports of their choosing. Because the request originates from the application server itself, it bypasses network controls such as firewalls that only block direct access from the outside. An attacker can therefore use the server as a proxy to port-scan the internal network, read resources that are reachable only from the server (for example cloud instance metadata such as the AWS metadata service), connect to internal services such as HTTP-enabled databases, and send POST requests to internal services that were never intended to be exposed, allowing internal resources to be read or modified.
CVSS Base Score
Attack Vector Network
Attack Complexity Low
Privileges Required None
User Interaction None
Scope Changed
Confidentiality Impact Low
Integrity Impact Low
Availability Impact Low
Equivalent CVSS v3 vector: AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L (these metrics yield the 8.3 base score stated above)
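The following is an added example of the check that stops the abuse described above; it is not cBioPortal code, and this page does not disclose which endpoint performs the fetch. It validates a user-influenced URL before the server connects: scheme and port are restricted, and every address the host resolves to is checked against internal, loopback and link-local ranges (including 169.254.169.254, the cloud metadata address), with IPv4-mapped IPv6 unwrapped so `[::ffff:127.0.0.1]` does not slip through. The allowed schemes and ports and the pinned DNS answers are assumptions made for the example so it runs offline.

```python
# Added example (not cBioPortal code; the vulnerable endpoint is not disclosed
# on this page). A server-side URL fetch must validate *where* it will connect
# before it connects: scheme, port and, most importantly, every address the
# host resolves to. Allowed schemes/ports and the DNS answers below are
# assumptions made for this example.
import ipaddress
import socket
from urllib.parse import urlsplit

ALLOWED_SCHEMES = {"http", "https"}   # assumption: no file:, gopher:, ftp: ...
ALLOWED_PORTS = {80, 443}             # assumption: deny use as a port scanner

# Address ranges an SSRF pivot typically targets. 169.254.169.254 (cloud
# instance metadata, e.g. the AWS metadata service) sits in 169.254.0.0/16.
BLOCKED_NETWORKS = [ipaddress.ip_network(n) for n in (
    "0.0.0.0/8", "10.0.0.0/8", "100.64.0.0/10", "127.0.0.0/8",
    "169.254.0.0/16", "172.16.0.0/12", "192.168.0.0/16",
    "224.0.0.0/4", "240.0.0.0/4",
    "::/128", "::1/128", "fc00::/7", "fe80::/10",
)]


def is_public_address(ip: str) -> bool:
    """True if ip is outside every blocked range (IPv4-mapped IPv6 is unwrapped)."""
    addr = ipaddress.ip_address(ip)
    if addr.version == 6 and addr.ipv4_mapped is not None:
        addr = addr.ipv4_mapped          # ::ffff:127.0.0.1 -> 127.0.0.1
    return not any(addr in net for net in BLOCKED_NETWORKS)


def system_resolver(host: str) -> list[str]:
    """Default resolver: every A/AAAA answer for host, via getaddrinfo."""
    return sorted({info[4][0] for info in socket.getaddrinfo(host, None)})


def validate_fetch_target(url: str, resolver=system_resolver) -> str:
    """Return the one IP literal the fetch may connect to, or raise ValueError.

    The caller must then connect to that IP (keeping the original Host header)
    and must not follow redirects; re-resolving at connect time or honouring a
    302 would let DNS rebinding or a redirect to an internal host bypass this.
    """
    parts = urlsplit(url)
    if parts.scheme not in ALLOWED_SCHEMES:
        raise ValueError(f"scheme not allowed: {parts.scheme!r}")
    if not parts.hostname:
        raise ValueError("missing host")
    if parts.username is not None or parts.password is not None:
        raise ValueError("credentials in URL not allowed")
    port = parts.port or (443 if parts.scheme == "https" else 80)
    if port not in ALLOWED_PORTS:
        raise ValueError(f"port not allowed: {port}")
    try:
        # Plain IP literal (v4 or v6): check it directly.
        ips = [str(ipaddress.ip_address(parts.hostname))]
    except ValueError:
        # Hostname: check *every* record, so a name with one public and one
        # internal answer is rejected rather than passed on its first answer.
        ips = list(resolver(parts.hostname))
    if not ips:
        raise ValueError("host did not resolve")
    for ip in ips:
        if not is_public_address(ip):
            raise ValueError(f"target resolves to non-public address {ip}")
    return ips[0]


def check_target(url: str, resolver=system_resolver) -> tuple[bool, str]:
    """Convenience wrapper: (True, ip) if the fetch is allowed, else (False, why)."""
    try:
        return True, validate_fetch_target(url, resolver)
    except ValueError as exc:
        return False, str(exc)


# Constructed DNS answers so the demo runs offline (not real records).
PINNED_DNS = {
    "data.example.org": ["203.0.113.10"],
    "rebind.example.net": ["203.0.113.11", "10.0.0.5"],
}


def pinned_resolver(host: str) -> list[str]:
    return PINNED_DNS.get(host, [])


if __name__ == "__main__":
    for candidate in (
        "https://data.example.org/api/study.json",     # allowed
        "http://169.254.169.254/latest/meta-data/",    # metadata service
        "http://[::ffff:127.0.0.1]/",                  # mapped loopback
        "http://data.example.org:8080/",               # internal port
        "http://rebind.example.net/",                  # mixed public/internal
        "file:///etc/passwd",                          # wrong scheme
    ):
        print(f"{candidate:48} -> {check_target(candidate, pinned_resolver)}")
```

The part most often missed is in the docstring: the validated IP must be the one actually connected to, and redirects must not be followed, otherwise a name that changes its answer between check and connect, or a public host that returns a 302 to an internal address, gets the request past the check anyway.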

Description

Full details about the vulnerability will be disclosed once the vendor has provided a patch.
