
CVE-2020-4632

Server-side request forgery

5.7 (Medium)

CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N

IBM InfoSphere (Metadata Asset Manager)

11.7.1

Maciej Kaczorowski

IBM InfoSphere Metadata Asset Manager is vulnerable to server-side request forgery. A remote authenticated attacker could exploit this vulnerability to submit or control server requests by sending a specially crafted request.

Steps to reproduce:

  1. Go to the Metadata Asset Manager module and log in as an administrator,
  2. Go to the tab: Administration -> Metadata Interchange Servers,
  3. Click the "New" button,
  4. In the "Name" field, enter any string of characters, for example: "SSRF test",
  5. In the "Host" field, enter the hostname or IP address you want to scan,
  6. In the "Agent HTTPS port" field, enter the port number you want to scan,
  7. Go to the "Import" tab, then click the "New Import Area" button,
  8. Select the previously created resource ("SSRF test") from the drop-down list next to the "Metadata interchange server" field,
  9. If the port is open, the application will return an SSL exception error (see Picture 1),
  10. If the port is closed, the application will return a connection error (see Picture 2).

Picture 1: Port is open

Picture 2: Port is closed
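
The steps above work because the server connects to whatever host and port is entered and reports a different error for an open port than for a closed one. The following sketch of a server-side check that removes both conditions is an added example, not IBM's code or the vendor's fix; the allowlist entry, function names and error text are assumptions.

```python
import ipaddress
import socket
import ssl

# Hypothetical policy: the only agent endpoints that may be registered.
ALLOWED_AGENTS = {("mis-agent.example.internal", 19443)}
GENERIC_ERROR = "Could not reach the metadata interchange agent."


def check_target(host, port, allowed=ALLOWED_AGENTS, resolve=socket.getaddrinfo):
    """Return the vetted IP address to connect to, or raise ValueError."""
    host = host.strip().lower().rstrip(".")
    if (host, port) not in allowed:
        raise ValueError("target not on the agent allowlist")
    # Resolve once and pin the address, so the check and the connection
    # use the same IP (no DNS change between validation and use).
    addrs = {info[4][0] for info in resolve(host, port, type=socket.SOCK_STREAM)}
    for addr in addrs:
        ip = ipaddress.ip_address(addr)
        # Defence in depth: an allowlisted name must never point at the
        # server itself or at link-local services.
        if ip.is_loopback or ip.is_link_local or ip.is_multicast or ip.is_unspecified:
            raise ValueError("target resolves to a disallowed address")
    return sorted(addrs)[0]


def probe_agent(host, port, connect=socket.create_connection, **policy):
    """Return (ok, message); every failure yields the same message."""
    try:
        ip = check_target(host, port, **policy)
        with connect((ip, port), timeout=5) as raw:
            ctx = ssl.create_default_context()
            with ctx.wrap_socket(raw, server_hostname=host):
                return True, "Agent reachable."
    except (ValueError, OSError):
        # ssl.SSLError is a subclass of OSError, so "open port, no TLS"
        # and "closed port" collapse into one response for the client.
        # The specific cause belongs in the server log, not the reply.
        return False, GENERIC_ERROR
```
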

Timeline:

  • 25-01-2020 - Vulnerability reported to the vendor
  • 25-01-2020 - First response from the vendor
  • 13-07-2020 - Vulnerability acknowledged by the vendor
  • 03-09-2020 - Advisory published by IBM
  • 03-09-2020 - Public disclosure
  • 25-11-2021 - PoC released