Spinnaker Template Resolution Vulnerability: Server-Side Request Forgery (SSRF)

Spinnaker Template Resolution Vulnerability: Server-Side Request Forgery (SSRF)

CVE-2020-9298 · HIGH Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

The Spinnaker template resolution functionality is vulnerable to Server-Side Request Forgery (SSRF), which allows an attacker to send requests on behalf of Spinnaker potentially leading to sensitive data disclosure.

Learn more about our Cis Benchmark Audit For Server Software.