A high-severity vulnerability, identified as CVE-2025-46385, has been discovered in multiple products, allowing for Server-Side Request Forgery (SSRF). This flaw enables a remote attacker to force an affected server to make unauthorized requests to internal network resources or external systems, potentially leading to sensitive information disclosure, internal network scanning, and further system compromise.

This vulnerability is classified as a Server-Side Request Forgery (SSRF) under CWE-918. An attacker can exploit this flaw by submitting a specially crafted URL or web request to a vulnerable application function. The application, failing to properly validate the user-supplied input, will process the malicious URL and make a request on behalf of the server. This allows the attacker to use the server as a proxy to interact with resources that are normally inaccessible from the internet, such as internal services, databases, or cloud provider metadata endpoints (e.g., AWS IMDS, Azure IMDS).

High severity with a CVSS score of 8.6. The exploitation of this vulnerability can have a significant business impact. An attacker could exfiltrate sensitive data, such as internal credentials, configuration files, or proprietary information by forcing the server to request them and return the contents. Furthermore, it enables network reconnaissance, allowing an attacker to map the internal network topology, identify open ports on other internal systems, and discover other potential vulnerabilities, thereby facilitating lateral movement and deeper compromise of the corporate network.

Immediate Action: Organizations must identify all affected products within their environment and apply the security updates provided by the respective vendors immediately. After patching, review server access logs and outbound network traffic for any signs of compromise that may have occurred prior to remediation.

Proactive Monitoring: Monitor egress traffic from application servers for any unusual outbound connections, particularly requests directed at internal IP address ranges (e.g., 10.0.0.0/8, 172.16.0.0/12, 192.168.0.0/16) or the localhost interface (127.0.0.1). Scrutinize web application logs for suspicious patterns in user-supplied parameters, such as the inclusion of URLs, IP addresses, or schemes like file:// or http://169.254.169.254.

Compensating Controls: If immediate patching is not feasible, implement strict egress filtering rules on the host or network firewall to block all outbound connections from the server except those that are explicitly required for business functions. A Web Application Firewall (WAF) can also be configured with rules to detect and block common SSRF attack patterns in incoming requests.

Public Exploit Available: false

Given the high CVSS score of 8.6, this vulnerability poses a significant risk to the confidentiality and integrity of the organization's network. Despite the current lack of public exploits or CISA KEV status, we strongly recommend that all organizations prioritize identifying affected assets and applying the necessary vendor patches as a matter of urgency. If patching is delayed, the compensating controls outlined above should be implemented immediately to mitigate the risk of exploitation.