Server-Side Inclusion Injection

High | Web App Scanning | Plugin ID 113634

Synopsis

Server-Side Inclusion Injection

Description

A Server-Side Include Injection vulnerability exists when an application embeds and evaluates unsafe user-controlled server-side include directives.

By injecting a crafted SSI directive, an attacker can leverage this vulnerability to achieve remote code execution on the server.

Solution

Developers should avoid embedding user input into pages that are processed for SSI directives. If the application still requires this type of input, the directive syntax of the SSI framework in use should be sanitized (or the input encoded) before the page is processed.
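As an added example, not taken from the plugin page, the following Python helpers show the two sides of the solution above: a detection check that flags input carrying SSI directive syntax (`<!--#...`), and an encoding step that neutralizes such input before it reaches an SSI-processed page. The sample inputs are constructed for the example.

```python
import html
import re

# Constructed sample inputs (not from the plugin page). The first two carry
# SSI directive syntax; the third is ordinary markup that must pass unchanged.
SAMPLE_INPUTS = [
    '<!--#exec cmd="ls" -->',
    'hello <!--#include virtual="/etc/passwd" --> world',
    'hello <b>world</b>',
]

# An SSI directive opens with "<!--#" followed by a directive name
# (exec, include, echo, ...). Whitespace and letter case are tolerated so
# that light obfuscation of the opener is still caught.
SSI_DIRECTIVE_RE = re.compile(r"<!--\s*#\s*[a-z]+", re.IGNORECASE)


def contains_ssi_directive(value: str) -> bool:
    """Return True if the input contains SSI directive syntax (detection only)."""
    return SSI_DIRECTIVE_RE.search(value) is not None


def flag_inputs(values):
    """Return the inputs that carry SSI directive syntax, e.g. for logging/alerting."""
    return [v for v in values if contains_ssi_directive(v)]


def neutralize_for_ssi_page(value: str) -> str:
    """HTML-encode user input so no literal '<!--#' can reach the SSI processor.

    Encoding is the mitigation; the regex above is only a detection aid, since
    a blocklist alone is easy to miss with. After escaping, '<' becomes '&lt;',
    so the directive opener cannot be formed.
    """
    return html.escape(value, quote=True)


if __name__ == "__main__":
    for raw in SAMPLE_INPUTS:
        print(f"{contains_ssi_directive(raw)!s:5}  {neutralize_for_ssi_page(raw)}")
```

The encoded output is only safe when it is written into the page body as text; input placed inside an existing directive or attribute still needs the allowlist validation the solution describes.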

See Also

https://owasp.org/www-project-web-security-testing-guide/latest/4-Web_Application_Security_Testing/07-Input_Validation_Testing/08-Testing_for_SSI_Injection.html

Plugin Details

Severity: High

ID: 113634

Type: remote

Family: Injection

Published: 2/22/2023

Updated: 8/9/2023

Scan Template: full, pci, scan

Risk Information

VPR

Risk Factor: Medium

Score: 5.4

CVSS v2

Risk Factor: High

Base Score: 9

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:P/A:P

CVSS Score Source: Tenable

CVSS v3

Risk Factor: High

Base Score: 8.6

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L

CVSS Score Source: Tenable

Reference Information