IBM Maximo Asset Management servers patched against attacks (Security News, June 2020)
To explain: SSRF (server-side request forgery) is a way that someone with possibly very limited access to your network can send a legitimate-looking query to one of your servers.
If you can trick the vulnerable server into calling outside its own network by sending it an otherwise legitimate request, you may be able to capture server data such as secret authentication tokens or special HTTP headers that are usually only visible if you are already inside the network.
These leaked headers could help you to compromise other servers on the network by revealing internal-only network secrets.
As you can imagine, in a giant company with a huge asset database, most users on the network will probably have some asset-related queries they're allowed to make - looking up stock levels, delivery times, service schedules and so forth - and will therefore be authenticated users, albeit with very little data they're allowed to see legitimately.
If you have an affected version but don't have a change window right now to apply the update, IBM has a server configuration workaround that will prevent the bug from being triggered, although this turns off some of the printing options provided by the system.
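The two defensive controls the SSRF description above implies, as an added example that is not IBM's code or the Maximo workaround: the server only fetches from an explicit allowlist of external hosts, and it never copies the caller's credential headers onto its outbound request, so a request that does reach an untrusted host carries no reusable secrets. The host names, header names and `transport` callback are constructed for the example.

```python
import ipaddress
from urllib.parse import urlparse

# Constructed allowlist of external hosts the server is meant to talk to.
ALLOWED_HOSTS = {"reports.example.com", "labels.example.com"}
# Headers that authenticate the caller or the server; never forwarded.
SENSITIVE_HEADERS = {"authorization", "cookie", "x-internal-token"}


def fetch_target_is_allowed(url, allowed_hosts=ALLOWED_HOSTS):
    """True only for http(s) URLs whose host is on the allowlist.

    Userinfo tricks such as https://reports.example.com@untrusted.test are
    caught because urlparse reports the real host (untrusted.test), and
    literal IP addresses are refused outright, since internal services are
    usually reached that way rather than by a public DNS name.
    """
    try:
        parts = urlparse(url)
    except ValueError:
        return False
    if parts.scheme not in ("http", "https"):
        return False
    host = parts.hostname
    if not host:
        return False
    try:
        ipaddress.ip_address(host)
        return False  # any IP literal, private or public, is rejected
    except ValueError:
        pass
    return host.lower().rstrip(".") in allowed_hosts


def outbound_headers(incoming):
    """Header set for the server-side request: keep harmless headers,
    drop anything that would leak a token if the target were hostile."""
    return {k: v for k, v in incoming.items()
            if k.lower() not in SENSITIVE_HEADERS}


def guarded_fetch(url, incoming_headers, transport):
    """transport(url, headers) performs the real request; it is injected
    so the example runs offline. Returns None when the target is refused."""
    if not fetch_target_is_allowed(url):
        return None
    return transport(url, outbound_headers(incoming_headers))
```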
Related news
- Critical RCE bug in VMware vCenter Server now exploited in attacks
- New NachoVPN attack uses rogue VPN servers to install malicious updates
- Russian hackers hijack Pakistani hackers' servers for their own attacks