Description
Acunetix determined that it was possible to access the Hasura GraphQL API without authentication. When no admin secret is configured, Hasura treats every request as the admin role, so the metadata API is reachable as well as the GraphQL endpoint. An unauthenticated attacker can use this API to perform SSRF (server-side request forgery) attacks, for example by registering a remote schema, event trigger or action handler that points at an internal URL, which the Hasura server then requests on the attacker's behalf.
Remediation
Restrict access to the Hasura GraphQL API by setting an admin secret: set the `HASURA_GRAPHQL_ADMIN_SECRET` environment variable (or start the engine with `--admin-secret`). Clients must then present the secret in the `X-Hasura-Admin-Secret` header, and requests without it receive an access-denied error. Do not expose the metadata endpoint to untrusted networks; if it is not needed on an instance, leave `metadata` out of `HASURA_GRAPHQL_ENABLED_APIS`.
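A quick check for this finding, added here as an example and not part of the original advisory or Hasura's own tooling. It sends the admin-only `export_metadata` operation to `/v1/metadata` (the Hasura v2 endpoint; v1.x uses `/v1/query`) with no credentials and classifies the reply: an exported metadata document means the instance is exposed, an `access-denied` error means a secret is enforced. The target URL is supplied by the caller; the sample response bodies are constructed for offline use and are shaped like real Hasura replies.

```python
"""Probe a Hasura instance for an unauthenticated metadata API.

Added example, not part of the original advisory or the Hasura project.
Assumes a Hasura v2 instance; the base URL is supplied by the caller.
"""
import json
import urllib.error
import urllib.request

# export_metadata is an admin-only metadata operation: if it succeeds
# without an X-Hasura-Admin-Secret header, no admin secret is configured.
EXPORT_METADATA = {"type": "export_metadata", "args": {}}


def classify_response(status, body):
    """Return 'exposed', 'protected' or 'unknown' for a /v1/metadata reply."""
    try:
        data = json.loads(body)
    except ValueError:
        return "unknown"
    if isinstance(data, dict) and data.get("code") == "access-denied":
        return "protected"
    if status == 200 and isinstance(data, dict) and "version" in data:
        # Exported metadata always carries a "version" key (and "sources" on v2).
        return "exposed"
    return "unknown"


def probe(base_url, admin_secret=None, timeout=5):
    """POST export_metadata to /v1/metadata; include the secret only if given."""
    req = urllib.request.Request(
        base_url.rstrip("/") + "/v1/metadata",
        data=json.dumps(EXPORT_METADATA).encode(),
        headers={"Content-Type": "application/json"},
        method="POST",
    )
    if admin_secret:
        req.add_header("X-Hasura-Admin-Secret", admin_secret)
    try:
        with urllib.request.urlopen(req, timeout=timeout) as resp:
            return classify_response(resp.status, resp.read().decode())
    except urllib.error.HTTPError as e:
        # Hasura answers a missing secret with an HTTP error carrying a JSON body.
        return classify_response(e.code, e.read().decode())


# Constructed sample bodies (not captured from a real host) for offline use.
SAMPLE_DENIED = (
    '{"path":"$","error":"x-hasura-admin-secret/x-hasura-access-key required, '
    'but not found","code":"access-denied"}'
)
SAMPLE_EXPORTED = (
    '{"version":3,"sources":[{"name":"default","kind":"postgres","tables":[]}]}'
)

if __name__ == "__main__":
    import sys
    if len(sys.argv) > 1:
        print(sys.argv[1], "->", probe(sys.argv[1]))
    else:
        print("denied   ->", classify_response(401, SAMPLE_DENIED))
        print("exported ->", classify_response(200, SAMPLE_EXPORTED))
```

Run it as `python probe.py https://hasura.example.internal` against a host you are authorised to test; a result of `exposed` reproduces the finding, and re-running with `probe(url, admin_secret=...)` after remediation confirms the secret is being enforced. Probing the metadata endpoint rather than `/v1/graphql` avoids a false positive on instances that deliberately serve an unauthenticated role for public queries.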
References
Related Vulnerabilities
Squid Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2019-12528)
Joomla Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2011-2891)
PostgreSQL Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2018-1052)
WordPress 5.6.x Multiple Vulnerabilities (5.6 - 5.6.4)
Piwigo Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2011-3790)