Hi everyone,
I use neo4j neo4j-community-4.4.12 edition on linux platform. I have been informed about one security leak on 7474 port which is neo4j web port.
In details;
Plugin Output:
Nessus was able to exploit the issue using the following request :
GET / HTTP/1.0
Accept-Charset: iso-8859-1,utf-8;q=0.9,*;q=0.1
Accept-Language: en
Connection: Close
User-Agent: BT Guvenlik Zafiyet Tarama Sistemi
Pragma: no-cache
Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, image/png, */*
This produced the following truncated output (limited to 10 lines) :
------------------------------ snip ------------------------------
Date: Sat, 24 Sep 2022 13:07:54 GMT
Access-Control-Allow-Origin: *
Location: http://10.0.2.118:7474/browser/
------------------------------ snip -----------------------
Description: This may expose internal IP addresses that are usually hidden or masked behind a Network Address Translation (NAT) Firewall or proxy server.
There is a known issue with Microsoft IIS 4.0 doing this in its default configuration. This may also affect other web servers, web applications, web proxies, load balancers and through a variety of misconfigurations related to redirection.
How can avoid/fix this security leak ? Any suggestion ? Thanks.