Manual Chapter : About SSRF

Applies To:

Show Versions Show Versions

BIG-IP ASM

  • 17.1.2, 17.1.1, 17.1.0, 17.0.0
Manual Chapter

About SSRF

In Server-Side Request Forgery (SSRF) attack, the attacker takes advantage of parameters that contain dynamic IP addresses or domain names which the server application invokes. Rather than letting the server access the legitimate destination, the attacker crafts a request that populates the parameter with an address of a server or file in the server that it is not allowed to access.