# A10:2021 - Server-Side Request Forgery (SSRF)

SSRF flaws occur when a web application fetches a remote resource without validating the user-supplied URL. This allows attackers to force the application to send crafted requests to unexpected destinations, even when protected by a firewall, VPN, or network ACL.

<Info>
  CodeAnt AI detects **Server-Side Request Forgery (SSRF)** vulnerabilities across **12 languages**: Python, Java, JavaScript, Go, C#, Ruby, PHP, Kotlin, Rust, Scala, C++, Terraform.
</Info>

***

## Detected Vulnerabilities

<AccordionGroup>
  <Accordion title="CWE-918: Server-Side Request Forgery (SSRF)">
    **Severity:** **Critical**

    ### Description

    The application accepts user-supplied URLs and makes server-side HTTP requests to those URLs without sufficient validation, allowing attackers to target internal services.

    ### Impact

    Access to internal services, cloud metadata endpoints (169.254.169.254), internal APIs, and other network resources not intended to be publicly accessible. Can lead to credential theft, data exfiltration, and remote code execution.

    ### Remediation

    Validate and sanitize all user-supplied URLs: restrict the scheme to `http`/`https`, reject URLs that carry userinfo (`user@host`), and match the hostname against an allowlist of permitted domains and IP ranges. Resolve the hostname and check every returned address against private, loopback, link-local and cloud metadata ranges, because the hostname alone can be made to resolve to an internal address (attacker-controlled DNS, DNS rebinding). Connect to the address you checked rather than resolving again, and do not follow redirects automatically; validate each `Location` the same way. Use network segmentation to limit where the server can connect, and where the platform offers it require session-based metadata access (for example AWS IMDSv2), so a single forged GET cannot read instance credentials.
  </Accordion>

  <Accordion title="CWE-441: Unintended Proxy or Intermediary (Confused Deputy)">
    **Severity:** **High**

    ### Description

    The application can be tricked into making requests on behalf of an attacker, acting as a confused deputy that leverages its own elevated privileges to access restricted resources.

    ### Impact

    Attackers leverage the application's network position and credentials to access cloud metadata, internal microservices, databases, and other resources behind the network perimeter.

    ### Remediation

    Implement strict URL validation. Deny requests to internal IP ranges. Run the component that makes outbound requests under a dedicated service account with minimal permissions, so a forged request carries as little authority as possible. Require request signing or another form of caller authentication for internal service communication, so internal services trust an authenticated caller rather than the network position of whoever reached them.
  </Accordion>
</AccordionGroup>
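The remediation guidance for CWE-918 and CWE-441 above comes down to the same check: allowlist the host, then refuse any target whose resolved addresses are not public. The validator below is an added example for this page, not CodeAnt AI's own code or a rule it ships. It assumes an allowlist of partner hostnames (exact names or `.suffix` entries) and a resolver callback; the `CONSTRUCTED_DNS` table and the `*.partner.example` names are constructed so the example runs offline, with well-known public resolver addresses standing in for a partner's real records.

```python
import ipaddress
import socket
from dataclasses import dataclass
from typing import Callable, Iterable, List, Optional
from urllib.parse import urlsplit

ALLOWED_SCHEMES = {"http", "https"}
ALLOWED_PORTS = {80, 443}
# Cloud metadata endpoints, listed explicitly even though they already fall in
# ranges that is_global rejects (IPv4 IMDS used by AWS/GCP/Azure; AWS IPv6 IMDS).
METADATA_NETWORKS = [
    ipaddress.ip_network("169.254.169.254/32"),
    ipaddress.ip_network("fd00:ec2::254/128"),
]
Resolver = Callable[[str], List[str]]


class UnsafeURL(ValueError):
    """Raised when a URL fails validation; the message says why."""


@dataclass(frozen=True)
class ValidatedTarget:
    scheme: str
    host: str   # hostname as given: use it for the Host header and TLS SNI
    port: int
    ip: str     # vetted address: connect to this, do not resolve again
    path: str


def system_resolver(host: str) -> List[str]:
    # A and AAAA lookup. getaddrinfo also accepts shorthands such as
    # "0x7f000001" or "2130706433", which is why the checks run on the
    # resolved addresses rather than on the hostname string.
    infos = socket.getaddrinfo(host, None, type=socket.SOCK_STREAM)
    return sorted({info[4][0] for info in infos})


def is_public_address(text: str) -> bool:
    addr = ipaddress.ip_address(text)
    # Judge IPv4-mapped IPv6 (::ffff:10.0.0.1) as the IPv4 address it wraps.
    if isinstance(addr, ipaddress.IPv6Address) and addr.ipv4_mapped is not None:
        addr = addr.ipv4_mapped
    if any(addr in net for net in METADATA_NETWORKS):
        return False
    # is_global is False for private, loopback, link-local, CGNAT (100.64/10),
    # unique-local, multicast, unspecified, documentation and reserved ranges.
    return addr.is_global


def host_allowed(host: str, allowed_hosts: Iterable[str]) -> bool:
    for entry in (e.lower().rstrip(".") for e in allowed_hosts):
        if entry.startswith("."):   # ".partner.example" matches the zone and its subdomains
            if host == entry[1:] or host.endswith(entry):
                return True
        elif host == entry:
            return True
    return False


def validate_outbound_url(url: str, allowed_hosts: Iterable[str],
                          resolver: Resolver = system_resolver) -> ValidatedTarget:
    parts = urlsplit(url)
    scheme = parts.scheme.lower()
    if scheme not in ALLOWED_SCHEMES:
        raise UnsafeURL(f"scheme not allowed: {parts.scheme!r}")
    # "http://api.partner.example@10.0.0.5/" puts the allowlisted name in the
    # userinfo and the attacker's host after the "@": refuse userinfo outright.
    if parts.username is not None or parts.password is not None:
        raise UnsafeURL("userinfo in URL is not allowed")
    host = (parts.hostname or "").rstrip(".")   # .hostname is already lowercased
    if not host:
        raise UnsafeURL("missing host")
    try:
        port = parts.port or (443 if scheme == "https" else 80)
    except ValueError as exc:                   # non-numeric or out-of-range port
        raise UnsafeURL("invalid port") from exc
    if port not in ALLOWED_PORTS:
        raise UnsafeURL(f"port not allowed: {port}")
    if not host_allowed(host, allowed_hosts):
        raise UnsafeURL(f"host not in allowlist: {host!r}")
    addrs = resolver(host)
    if not addrs:
        raise UnsafeURL(f"host did not resolve: {host!r}")
    # Every record must be public: one internal A/AAAA record among several
    # (attacker-controlled DNS, rebinding) would otherwise get through.
    for addr in addrs:
        if not is_public_address(addr):
            raise UnsafeURL(f"{host!r} resolves to non-public address {addr}")
    return ValidatedTarget(scheme, host, port, addrs[0], parts.path or "/")


def rejection_reason(url: str, allowed_hosts: Iterable[str],
                     resolver: Resolver = system_resolver) -> Optional[str]:
    """None when the URL is acceptable, otherwise the reason it was refused."""
    try:
        validate_outbound_url(url, allowed_hosts, resolver)
        return None
    except UnsafeURL as exc:
        return str(exc)


# Constructed DNS data so the example runs offline (hypothetical partner zone).
CONSTRUCTED_DNS = {
    "api.partner.example": ["8.8.8.8", "2001:4860:4860::8888"],
    "rebind.partner.example": ["1.1.1.1", "10.0.0.5"],        # one internal record
    "metadata.partner.example": ["169.254.169.254"],
    "mapped.partner.example": ["::ffff:192.168.1.1"],
}


def constructed_resolver(host: str) -> List[str]:
    try:
        return [str(ipaddress.ip_address(host))]    # an IP literal resolves to itself
    except ValueError:
        return CONSTRUCTED_DNS.get(host, [])


if __name__ == "__main__":
    for url in ["https://api.partner.example/v1/report?id=7",
                "https://rebind.partner.example/",
                "http://metadata.partner.example/latest/meta-data/",
                "http://api.partner.example@10.0.0.5/",
                "http://169.254.169.254/latest/meta-data/",
                "file:///etc/passwd"]:
        reason = rejection_reason(url, [".partner.example"], constructed_resolver)
        print(f"{url:52} -> {reason or 'allowed'}")
```

The caller should open the connection to `target.ip` and send `target.host` in the `Host` header (and as the TLS server name), rather than handing the original URL to an HTTP client that resolves the name a second time; the second lookup is the DNS rebinding window. Redirects must stay disabled in the client, with every `Location` passed back through `validate_outbound_url` before it is followed.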
