CVE-2020-12725

Havoc Research discovered an authenticated Server-Side Request Forgery (SSRF) via the "JSON" data source of Redash open-source 8.0.0 and prior. Possibly, other connectors are affected. The SSRF is potent and provides a lot of flexibility in terms of being able to craft HTTP requests e.g., by adding headers, selecting any HTTP verb, etc.
SSRF
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
7.2 HIGH
NETWORK
LOW
HIGH
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
mitreCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 71%
VendorProductVersion
redashredash
𝑥
≤ 8.0.0
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://blog.redash.io
https://github.com/getredash/redash/commits/master
https://github.com/getredash/redash/issues/4869
https://blog.redash.io
https://github.com/getredash/redash/commits/master
https://github.com/getredash/redash/issues/4869