SSRF Vulnerability in Harbor Prior to 2.0.1 Allows Port Scanning

SSRF Vulnerability in Harbor Prior to 2.0.1 Allows Port Scanning

CVE-2020-13788 · MEDIUM Severity

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

Harbor prior to 2.0.1 allows SSRF with this limitation: an attacker with the ability to edit projects can scan ports of hosts accessible on the Harbor server's intranet.

Learn more about our Cis Benchmark Audit For Server Software.