agorum Software GmbH Agorum Core Open Server-Side Request Forgery Vulnerability
Vulnerability
A Server-Side Request Forgery (SSRF) vulnerability has been identified in the TunnelServlet component of agorum Software GmbH Agorum Core Open versions 11.9.2 and 11.10.1. This vulnerability allows attackers to initiate connections to arbitrary internal and external resources by sending a crafted request, potentially leading to the exposure of sensitive data.
Impact
Exploitation of this vulnerability allows for unauthorized initiation of server-side requests, which can be used to access internal resources or external sites, potentially leading to sensitive data exposure or further attacks.
Reproduction
The vulnerability can be reproduced by sending a request to the TunnelServlet endpoint with a specified tunnel address and port. The server will then make a request to the specified address, demonstrating the SSRF behavior. This can be confirmed by checking the response for content fetched from the target resource.
Remediation
Users of agorum core open can upgrade to versions 11.9.2 and 11.10.1.
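As an added illustration of what a fix for this class of bug has to enforce (this is not code from agorum or from the advisory): a destination check that a tunnel-style proxy applies to the requested address and port before it opens the outbound connection. The allowed-port list, the resolver injection and the DNS answers are constructed assumptions so the check runs offline.

```python
import ipaddress
import socket
from typing import Callable, Iterable, List, Optional

# Address ranges a server-side tunnel must never be pointed at: loopback,
# RFC 1918, link-local (incl. cloud metadata at 169.254.169.254), CGNAT,
# unspecified, and their IPv6 counterparts.
_BLOCKED_NETWORKS = [ipaddress.ip_network(n) for n in (
    "0.0.0.0/8", "10.0.0.0/8", "100.64.0.0/10", "127.0.0.0/8",
    "169.254.0.0/16", "172.16.0.0/12", "192.168.0.0/16",
    "::/128", "::1/128", "fc00::/7", "fe80::/10",
)]

def _is_blocked(ip) -> bool:
    # Unwrap IPv4-mapped IPv6 (::ffff:10.0.0.1) so it cannot bypass the IPv4 list.
    if isinstance(ip, ipaddress.IPv6Address) and ip.ipv4_mapped is not None:
        ip = ip.ipv4_mapped
    return any(ip in net for net in _BLOCKED_NETWORKS)

def system_resolver(host: str) -> List[str]:
    """Production resolver: every address the OS returns for `host`."""
    return [info[4][0] for info in socket.getaddrinfo(host, None)]

# Constructed DNS answers so the example runs offline (not real hosts).
_CONSTRUCTED_DNS = {
    "files.example.test": ["203.0.113.10"],
    "rebind.example.test": ["203.0.113.11", "10.0.0.5"],  # one internal answer
}
def constructed_resolver(host: str) -> List[str]:
    return _CONSTRUCTED_DNS.get(host, [])

def resolve_tunnel_target(host: str, port: int, allowed_ports: Iterable[int],
                          resolver: Callable[[str], List[str]]) -> Optional[str]:
    """Return the IP literal the tunnel may connect to, or None to refuse.

    The caller must connect to the returned IP rather than re-resolving the
    hostname; otherwise a DNS-rebinding answer could swap in an internal
    address after this check has passed."""
    if port not in set(allowed_ports):
        return None
    try:
        candidates = [ipaddress.ip_address(host)]          # IP literal
    except ValueError:
        try:
            candidates = [ipaddress.ip_address(a) for a in resolver(host)]
        except (OSError, ValueError):                      # NXDOMAIN, garbage
            return None
    if not candidates or any(_is_blocked(ip) for ip in candidates):
        return None                                        # refuse on any internal answer
    return str(candidates[0])
```

A name that resolves to both a public and an internal address is refused outright, which is the conservative choice for a proxy that has no business reaching internal hosts at all.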
