9.8

CVSS Score

3.1

-

CVSS Score

Basic Information

Concerned about an active attack path?

Talk to our security experts and see Miggo in action.

Miggo Vulnerability Database

→

CVE-2022-38580

CVE-2022-38580: Skipper vulnerable to SSRF via X-Skipper-Proxy

Impact

Skipper prior to version v0.13.236 is vulnerable to server-side request forgery (SSRF). An attacker can exploit a vulnerable version of proxy to access the internal metadata server or other unauthenticated URLs by adding an specific header (X-Skipper-Proxy) to the http request.

Patches

The problem was patched in version https://github.com/zalando/skipper/releases/tag/v0.13.237. Users need to upgrade to skipper >=v0.13.237.

Workarounds

Use dropRequestHeader("X-Skipper-Proxy") filter

References

https://github.com/zalando/skipper/releases/tag/v0.13.237

For more information

If you have any questions or comments about this advisory:

Open an issue in https://github.com/zalando/skipper/issues/new/choose
Chat with us in slack: https://app.slack.com/client/T029RQSE6/C82Q5JNH5

(GitHub Advisory)

Miggo Vulnerability Database

→

CVE-2022-38580

CVE-2022-38580:

9.8

CVSS Score

3.1

-

CVSS Score

Basic Information

Technical Details

Package Name	Ecosystem	Vulnerable Versions	First Patched Version
github.com/zalando/skipper	go	< 0.13.237	0.13.237

Technical Details

Vulnerability Intelligence
Miggo AI

Root Cause Analysis

The vulnerability stemmed from handling the X-Skipper-Proxy header. The removed proxyFromHeader function directly consumed the header value to set proxy destinations, while forwardToProxy propagated this value. The patch (8426343) removed header-based proxy configuration and introduced context-based passing, confirming these functions' role in the SSRF vulnerability.

Vulnerable functions

Only Mi**o us*rs **n s** t*is s**tion

WAF Protection Rules

WAF Rule

W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.

Reasoning

*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.

9.8

-

Basic Information

Basic Information

Concerned about an active attack path?

CVE-2022-38580: Skipper vulnerable to SSRF via X-Skipper-Proxy

Impact

Patches

Workarounds

References

For more information

CVE-2022-38580:

9.8

-

Basic Information

Basic Information

Technical Details

Technical Details

Vulnerability IntelligenceMiggo AI

Root Cause Analysis

Vulnerable functions

WAF Protection Rules

WAF Rule

Reasoning

Vulnerability IntelligenceMiggo AI

Basic Information

Basic Information

Vulnerability IntelligenceMiggo AI

Root Cause Analysis

Vulnerable functions

WAF Protection Rules

WAF Rule

Reasoning

9.8

9.8

Technical Details

CVE-2022-38580: Skipper vulnerable to SSRF via X-Skipper-Proxy

Impact

Patches

Workarounds

References

For more information

Vulnerability Intelligence
Miggo AI

Vulnerability Intelligence
Miggo AI

Vulnerability Intelligence
Miggo AI