a Server-Side Request Forgery (SSRF) in Microsoft SharePoint Server 2019 which allows remote authenticated users to send HTTP(S) requests to an arbitrary URL and read the responses. The endpoint <site>/_api/web/ExecuteRemoteLOB is vulnerable to Server-Side Request Forgery (SSRF). The outgoing HTTP(S) request is highly customizable: the attacker controls the request method, path, headers and body. An attacker with the ability to perform SSRF attacks can scan the internal network, check for the existence of services on the host's local network and potentially exploit other web services.
We have tested this on the following environment:
- Windows Server 2022 + SharePoint Server 2019 – 16.0.10386.20011 (with KB5002207, May 2022 update)
Microsoft SharePoint Server 2019 <= 16.0.10386.20011 (May 2022 update)
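Because the request is made by the SharePoint server itself, the only on-host evidence of abuse is the call to the vulnerable endpoint in the IIS request log. The following script is an added detection example, not part of the original advisory and not Microsoft or SharePoint code: it parses an IIS W3C log (honouring the `#Fields:` header, since the column order is configurable) and reports every request whose path ends in `/_api/web/ExecuteRemoteLOB`, grouped by authenticated user. The log lines are constructed for this example; the site paths, usernames and IP addresses are not real.

```python
"""Flag calls to the SharePoint ExecuteRemoteLOB REST endpoint in IIS W3C logs.

Added example for the advisory above; the log content below is constructed,
not real traffic, and the site/user names are placeholders.
"""
from collections import Counter
from typing import Dict, Iterator, List

# The vulnerable endpoint named in the advisory; IIS paths are case-insensitive,
# so the comparison is done on lower-cased values.
SSRF_ENDPOINT = "/_api/web/executeremotelob"

# Constructed sample IIS W3C log. IIS writes '+' instead of spaces inside a
# field, so splitting on whitespace is safe for real logs as well.
SAMPLE_LOG = r"""#Software: Microsoft Internet Information Services 10.0
#Version: 1.0
#Date: 2022-06-01 08:00:00
#Fields: date time s-ip cs-method cs-uri-stem cs-uri-query s-port cs-username c-ip cs(User-Agent) sc-status time-taken
2022-06-01 08:00:01 10.0.0.5 GET /sites/team/_api/web/lists - 443 CONTOSO\alice 10.0.0.20 Mozilla/5.0 200 120
2022-06-01 08:00:07 10.0.0.5 POST /sites/team/_api/web/ExecuteRemoteLOB - 443 CONTOSO\bob 10.0.0.31 python-requests/2.28 200 4021
2022-06-01 08:00:09 10.0.0.5 POST /sites/team/_api/web/ExecuteRemoteLOB - 443 CONTOSO\bob 10.0.0.31 python-requests/2.28 200 3980
2022-06-01 08:00:12 10.0.0.5 GET /sites/team/SitePages/Home.aspx - 443 CONTOSO\alice 10.0.0.20 Mozilla/5.0 200 88
2022-06-01 08:00:15 10.0.0.5 POST /sites/hr/_api/web/executeremotelob - 443 CONTOSO\carol 10.0.0.44 curl/7.83 500 60
"""


def parse_w3c(text: str) -> Iterator[Dict[str, str]]:
    """Yield one dict per record, keyed by the names in the #Fields: directive."""
    fields: List[str] = []
    for raw in text.splitlines():
        line = raw.strip()
        if not line:
            continue
        if line.startswith("#"):
            # Directives; only #Fields: matters for parsing, and it may repeat
            # when the log is rotated or the field selection changes.
            if line.startswith("#Fields:"):
                fields = line[len("#Fields:"):].split()
            continue
        values = line.split()
        if not fields or len(values) != len(fields):
            # Truncated or malformed line: skip rather than misalign columns.
            continue
        yield dict(zip(fields, values))


def find_ssrf_calls(text: str) -> List[Dict[str, str]]:
    """Return every record whose request path targets the ExecuteRemoteLOB endpoint."""
    return [
        rec for rec in parse_w3c(text)
        if rec.get("cs-uri-stem", "").lower().endswith(SSRF_ENDPOINT)
    ]


def summarize_by_user(text: str) -> Dict[str, int]:
    """Count endpoint calls per authenticated user ('-' means anonymous in IIS logs)."""
    return dict(Counter(rec.get("cs-username", "-") for rec in find_ssrf_calls(text)))


if __name__ == "__main__":
    for rec in find_ssrf_calls(SAMPLE_LOG):
        print(f"{rec['date']} {rec['time']} {rec['cs-username']:<15} "
              f"{rec['c-ip']:<12} {rec['cs-method']} {rec['cs-uri-stem']} -> {rec['sc-status']}")
    print("calls per user:", summarize_by_user(SAMPLE_LOG))
```

A single hit is not proof of exploitation, since the endpoint exists for legitimate Business Connectivity Services use; repeated calls from one account or a non-browser user agent, as in the constructed sample, are what should prompt a closer look at that user's activity and at the outbound connections the server made at the same time.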