Describe the bug
There is an SSRF vulnerability due to unvalidated import-url artifact URLs. The import-url command accepts arbitrary URLs (e.g., https://, http://) and passes them directly to the DownloadArtifact method. This function sends the URL as a form field (url) to the Microcks API endpoint /api/artifact/download. The Microcks server then fetches the URL without sufficient validation: there is no allowlist, no private-IP-range blocking, and no scheme restriction.
Expected behavior
The provided URL should be strictly validated before being fetched by the Microcks server. The validation should deny access to private/internal IP ranges (e.g., 169.254.169.254, localhost, 10.x.x.x), restrict schemes to only allowed protocols, or enforce an explicit allowlist to prevent arbitrary internal network access.
Actual behavior
The URL is accepted and processed without validation. When the server fetches the provided URL, an attacker can coerce the server to interact with internal networks. The secret field (for repository authentication) may also be passed along, meaning the server could be tricked into sending stored credentials to attacker-controlled external endpoints.
How to Reproduce?
- Authenticate with the Microcks CLI (e.g., microcks login ...).
- Run the import-url command with a payload targeting an internal network resource or cloud metadata endpoint, such as:
  microcks import-url http://169.254.169.254/latest/meta-data/
  Or to access an internal service:
  microcks import-url http://localhost:8080/api/admin/
- The CLI passes the URL to the server, and the Microcks server fetches it, acting as an SSRF proxy to the internal resource.
Microcks version or git rev
master
Install method (docker-compose, helm chart, operator, docker-desktop extension,...)
Any deployment where an attacker has CLI or API access to perform a URL import. Highly critical in cloud environments.
Additional information
Code References:
cmd/importURL.go: The URL from arguments is handled and directly passed to DownloadArtifact.
pkg/connectors/microcks_client.go: DownloadArtifact embeds the url and secret unsanitized in the POST form data submitted to the server endpoint.
Real-World Impact:
In a shared Microcks instance or CI pipeline, any user with import-url capabilities can pivot to internal network resources. In cloud deployments, this opens the door to leaking IAM credentials, probing internal networks, and extracting sensitive API responses.