Learn about CVE-2020-12725, an SSRF vulnerability in Redash open-source 8.0.0 and earlier versions, allowing manipulation of HTTP requests. Find mitigation steps and best practices for protection.
Havoc Research discovered an authenticated Server-Side Request Forgery (SSRF) vulnerability in Redash open-source 8.0.0 and prior versions; other connectors may be affected as well.
Understanding CVE-2020-12725
This CVE involves an SSRF vulnerability in Redash that allows attackers to manipulate HTTP requests through the 'JSON' data source.
What is CVE-2020-12725?
CVE-2020-12725 is a Server-Side Request Forgery (SSRF) vulnerability via the 'JSON' data source of Redash open-source 8.0.0 and earlier versions.
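A destination check of the kind that limits this class of flaw, as an added example (not Redash's code or its fix): before the server fetches a URL taken from a data-source query, it accepts only http/https and rejects any host that is, or resolves to, a non-public address. The names `check_query_url`, `is_public` and `system_resolver` are hypothetical, and the resolver is a parameter so the check can be exercised without network access.

```python
import ipaddress
import socket
from urllib.parse import urlsplit

ALLOWED_SCHEMES = {"http", "https"}


def system_resolver(host):
    """Default resolver: every address the host name resolves to."""
    return {info[4][0] for info in socket.getaddrinfo(host, None)}


def is_public(address):
    """True only for globally routable IPs (not loopback, private, link-local)."""
    ip = ipaddress.ip_address(address.split("%")[0])  # strip IPv6 zone id
    mapped = getattr(ip, "ipv4_mapped", None)
    if mapped is not None:  # ::ffff:127.0.0.1 is judged as 127.0.0.1
        ip = mapped
    return ip.is_global


def check_query_url(url, resolve=system_resolver):
    """Return (allowed, reason) for a URL supplied in a data-source query."""
    try:
        parts = urlsplit(url)
        host = parts.hostname
    except ValueError:
        return False, "malformed URL"
    if parts.scheme.lower() not in ALLOWED_SCHEMES:
        return False, "scheme not allowed"
    if not host:
        return False, "no host"
    try:
        ipaddress.ip_address(host)
        addresses = {host}  # IP literal, nothing to resolve
    except ValueError:
        try:
            addresses = resolve(host)
        except OSError:
            return False, "host does not resolve"
    if not addresses:
        return False, "host does not resolve"
    # Reject if ANY resolved address is internal, not just the first one.
    blocked = sorted(a for a in addresses if not is_public(a))
    if blocked:
        return False, "internal address: " + ", ".join(blocked)
    return True, "ok"
```

The check only holds if the HTTP client then connects to one of the vetted addresses rather than resolving the name a second time. Every redirect target needs the same check before it is followed.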
The Impact of CVE-2020-12725
Technical Details of CVE-2020-12725
This section provides detailed technical information about the vulnerability.
Vulnerability Description
Affected Systems and Versions
Exploitation Mechanism
Mitigation and Prevention
Protect your systems from CVE-2020-12725 with these steps:
Immediate Steps to Take
Long-Term Security Practices
Patching and Updates