CVE-2021-35391: Server Side Request Forgery (SSRF) vulnerability in Deskpro Support Desk v2021.21.6


Description

A Server Side Request Forgery (SSRF) vulnerability (CWE-918) was discovered in Deskpro Support Desk version 2021.21.6. This vulnerability allows attackers to execute arbitrary code by sending specially crafted URLs to the server. When exploited, the vulnerability enables attackers to make requests from the server to internal or external resources, potentially accessing sensitive information or services that should not be publicly accessible.

Overview

The vulnerability exists in Deskpro Support Desk v2021.21.6, a customer support platform. The SSRF vulnerability allows attackers to manipulate the server into making requests to arbitrary destinations. This could lead to unauthorized access to internal resources, data exfiltration, or even remote code execution in certain circumstances. The vulnerability is particularly dangerous as it may allow attackers to bypass network security controls by leveraging the trusted position of the Deskpro server within the network.

Remediation

Organizations using Deskpro Support Desk should:

  1. Update to the latest version of Deskpro Support Desk that contains patches for this vulnerability.
  2. Implement network-level restrictions to limit the server's ability to make outbound connections to unauthorized destinations.
  3. Deploy a web application firewall (WAF) to help detect and block SSRF attack attempts.
  4. Regularly audit server logs for suspicious activities that might indicate exploitation attempts.
  5. Follow the principle of least privilege for service accounts running the application.
  6. Consider implementing additional input validation and URL whitelisting for all user-supplied URLs.
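The following is an added illustration of remediation item 6 (not Deskpro code and not from the advisory): a pre-fetch check that enforces an exact-match host allowlist, resolves the name, and refuses any destination that maps to a loopback, private, link-local or otherwise non-public address. The hostnames, addresses and the injectable resolver are assumptions constructed for the example; the returned addresses are meant to be pinned for the actual connection so a second DNS lookup cannot swap in an internal target.

```python
import ipaddress
import socket
from urllib.parse import urlsplit

ALLOWED_SCHEMES = {"http", "https"}


def _default_resolver(host):
    """Return every address (A and AAAA) the host resolves to."""
    return {info[4][0] for info in socket.getaddrinfo(host, None)}


def check_outbound_url(url, allowed_hosts, resolver=_default_resolver):
    """Validate a user-supplied URL before the server fetches it.

    Returns (ok, reason, pinned_ips). pinned_ips are the addresses the
    caller must connect to; re-resolving later would reopen the check
    to DNS rebinding.
    """
    parts = urlsplit(url)
    if parts.scheme.lower() not in ALLOWED_SCHEMES:
        return False, "scheme not allowed", ()
    if parts.username or parts.password:
        return False, "credentials in URL", ()
    host = (parts.hostname or "").rstrip(".").lower()
    if not host:
        return False, "missing host", ()
    # Exact match only: no suffix or substring matching, so look-alike
    # names such as support.example.com.evil.test are rejected.
    if host not in {h.lower() for h in allowed_hosts}:
        return False, "host not on allowlist", ()
    # Even an allowlisted name can resolve to an internal address
    # (misconfiguration or rebinding), so every resolved IP is checked.
    try:
        addrs = resolver(host)
    except (socket.gaierror, OSError):
        return False, "unresolvable host", ()
    for addr in addrs:
        ip = ipaddress.ip_address(addr)
        mapped = getattr(ip, "ipv4_mapped", None)  # ::ffff:a.b.c.d form
        if mapped is not None:
            ip = mapped
        if not ip.is_global:
            return False, f"resolves to non-public address {addr}", ()
    return True, "ok", tuple(sorted(addrs))
```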

References

  1. Product information: http://deskpro.com
  2. Detailed exploit information: https://sayaanalam.github.io/CVE-2021-35391.html
  3. CWE-918: Server-Side Request Forgery (SSRF) - https://cwe.mitre.org/data/definitions/918.html

Industry Exposure (most to least affected)

This section illustrates the prevalence of a specific Common Vulnerabilities and Exposures (CVE) across various industries based on customer reports. The ranking displays industries from the most to least affected by this particular vulnerability, offering valuable insight into where this CVE has been most frequently observed. This information can help organizations within these sectors prioritize their security efforts, understand their relative risk exposure compared to their peers, and focus remediation strategies where they are most needed. By understanding the industry-specific impact, organizations can make more informed decisions regarding patching, resource allocation, and overall risk management related to this CVE.

  1. Accommodation & Food Services
  2. Administrative, Support, Waste Management & Remediation Services
  3. Agriculture, Forestry, Fishing & Hunting
  4. Arts, Entertainment & Recreation
  5. Construction
  6. Educational Services
  7. Finance and Insurance
  8. Health Care & Social Assistance
  9. Information
  10. Management of Companies & Enterprises
  11. Manufacturing
  12. Mining
  13. Other Services (except Public Administration)
  14. Professional, Scientific, & Technical Services
  15. Public Administration
  16. Real Estate Rental & Leasing
  17. Retail Trade
  18. Transportation & Warehousing
  19. Utilities
  20. Wholesale Trade

Armis Vulnerability Intelligence Database