Open Proxy

high Web App Scanning Plugin ID 114237

Language:

Synopsis

Open Proxy

Description

Web applications often rely on proxy server to route requests to the right web service. An Open Proxy vulnerabilities occurs when a web server is configured to act as forward proxy, allowing anyone to use it to relay web traffic. This setup can may allow an attacker to use the proxy server to make requests to an external or internal server.\n\nThe corse issue arises because the proxy does not authenticate its users, thereby offering no control over who users the server's resources or for what purpose.

Solution

Modify the proxy server configuration to disallow third-party requests or implement access control.

See Also

https://blog.projectdiscovery.io/abusing-reverse-proxies-internal-access/

https://docs.nginx.com/nginx/admin-guide/web-server/reverse-proxy/

https://httpd.apache.org/docs/2.4/mod/mod_proxy.html

Plugin Details

Severity: High

ID: 114237

Type: remote

Family: Web Applications

Published: 3/25/2024

Updated: 5/16/2024

Scan Template: api, full, pci, scan

Risk Information

VPR

Risk Factor: Low

Score: 3.4

CVSS v2

Risk Factor: High

Base Score: 7.5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P

CVSS Score Source: Tenable

CVSS v3

Risk Factor: High

Base Score: 7.3

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

CVSS Score Source: Tenable

CVSS v4

Risk Factor: High

Base Score: 7.8

Vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:N/SC:H/SI:H/SA:N

CVSS Score Source: Tenable

Reference Information

CWE: 441

OWASP: 2010-A6, 2013-A5, 2017-A6, 2021-A7

WASC: Application Misconfiguration

CAPEC: 111, 141, 142, 160, 21, 384, 385, 386, 387, 388, 510, 59, 60, 75, 76, 89

DISA STIG: APSC-DV-002560

HIPAA: 164.306(a)(1), 164.306(a)(2)

ISO: 27001-A.10.1, 27001-A.14.2.5

NIST: sp800_53-SI-10(5)

OWASP API: 2019-API7, 2023-API8

OWASP ASVS: 4.0.2-14.4.7

PCI-DSS: 3.2-6.5.8