Skip to content
Threat Feed

Product

Firefighter-Incident (< 0.0.54)

1 brief RSS
critical advisory

FireFighter Unauthenticated SSRF Leads to Potential IAM Credential Theft

FireFighter versions before 0.0.54 are vulnerable to an unauthenticated server-side request forgery (SSRF) vulnerability in the `/api/v2/firefighter/raid/jira_bot` endpoint, allowing attackers to potentially steal IAM credentials in cloud environments.

firefighter-incident +1 ssrf cloud iam credential-theft
2r 2t 1i