Manual Chapter :
About SSRF
Applies To:
Show Versions
BIG-IP ASM
- 16.1.4, 16.1.3, 16.1.2, 16.1.1, 16.1.0
About SSRF
In Server-Side Request Forgery (SSRF) attack, the attacker takes advantage of parameters that contain dynamic IP addresses or domain names which the server application invokes. Rather than letting the server access the legitimate destination, the attacker crafts a request that populates the parameter with an address of a server or file in the server that it is not allowed to access.
