Tenable Terrascan Server-Side Request Forgery Vulnerability

Vulnerability

A Server-Side Request Forgery (SSRF) vulnerability exists in Tenable Terrascan versions through 1.18.3. When running in server mode, the application allows unauthenticated remote attackers to supply an arbitrary URL via the webhook_url parameter of the file scan endpoint. Terrascan then forwards the scan results to that attacker-controlled URL, including the configured webhook_token as a Bearer token in the Authorization header. This vulnerability is present in deployments of Terrascan server that bind to 0.0.0.0 without authentication.

Impact

Exploitation of this vulnerability allows for Server-Side Request Forgery, where an attacker can manipulate the server to send requests to unintended locations, potentially leading to unauthorized data access or interaction with internal services.
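The defensive check this advisory implies is validation of the webhook destination before anything is posted to it. The following Go function is an added example, not Terrascan's own code: ValidateWebhookURL and StubResolver are hypothetical names, and the resolver table holds constructed sample hosts so the check runs offline.

```go
package main

import (
	"errors"
	"fmt"
	"net"
	"net/url"
)

// ValidateWebhookURL is a hypothetical guard for a webhook_url parameter: only
// https URLs whose host resolves solely to globally routable addresses pass, so
// scan results (and the bearer webhook_token) cannot be sent to loopback,
// link-local, private or unspecified hosts. DNS is injected for offline use.
func ValidateWebhookURL(raw string, resolve func(string) ([]net.IP, error)) error {
	u, err := url.Parse(raw)
	if err != nil {
		return fmt.Errorf("webhook_url: malformed: %w", err)
	}
	if u.Scheme != "https" {
		return errors.New("webhook_url: only https is allowed")
	}
	host := u.Hostname()
	if host == "" || u.User != nil {
		return errors.New("webhook_url: missing host or embedded credentials")
	}
	ips, err := resolve(host)
	if err != nil || len(ips) == 0 {
		return fmt.Errorf("webhook_url: cannot resolve %q", host)
	}
	for _, ip := range ips {
		// IsGlobalUnicast is true for RFC 1918 space too, hence IsPrivate.
		if !ip.IsGlobalUnicast() || ip.IsPrivate() {
			return fmt.Errorf("webhook_url: %q resolves to non-public %s", host, ip)
		}
	}
	return nil
}

// StubResolver is a constructed, offline stand-in for DNS (sample hosts only).
func StubResolver(host string) ([]net.IP, error) {
	table := map[string]string{
		"hooks.example.com": "203.0.113.10",    // TEST-NET-3, plays a public host
		"metadata.internal": "169.254.169.254", // link-local metadata service
		"ci.corp.example":   "10.0.0.5",        // RFC 1918
	}
	if a, ok := table[host]; ok {
		return []net.IP{net.ParseIP(a)}, nil
	}
	return nil, errors.New("no such host")
}
```

In a real deployment the caller should connect to the vetted IPs rather than re-resolving the hostname, and the endpoint should additionally require authentication so that the parameter is never reachable anonymously.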

Added: May 19, 2026, 5:24 PM
Updated: May 19, 2026, 5:24 PM

Vulnerability Rating

Custom Algorithm:
  spread          0.0
  impact          0.6
  exploitability  8.1
  remediation     0.0
  relevance       8.8
  threat          3.2
  urgency         2.9
  incentive       4.2

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.