CVE-2025-10760 is a Server-Side Request Forgery (SSRF) vulnerability identified in Harness version 3.3.0, specifically within the LookupRepo function located in the app/api/controller/gitspace/lookup_repo.go source file. SSRF vulnerabilities occur when an attacker can manipulate server-side requests by controlling input parameters, in this case, the 'url' argument. This manipulation allows the attacker to coerce the server into making unauthorized requests to internal or external resources, potentially bypassing network access controls. The vulnerability is exploitable remotely without requiring user interaction or authentication, which increases its risk profile. The CVSS 4.0 base score is 5.3 (medium severity), reflecting that while the attack vector is network-based and requires low complexity, it does require low privileges on the system. The impact on confidentiality, integrity, and availability is rated low, indicating limited direct damage potential from a single exploitation, but SSRF can be a stepping stone for further attacks such as internal network reconnaissance, data exfiltration, or pivoting to other systems. The vendor was notified but has not responded, and no patches or mitigations have been published yet. Although no known exploits are currently observed in the wild, the existence of a published exploit increases the likelihood of future attacks. This vulnerability affects only Harness version 3.3.0, a continuous integration and delivery platform used by development teams to automate software deployment pipelines. The SSRF flaw could allow attackers to abuse the platform to access internal services or metadata endpoints, potentially exposing sensitive information or enabling lateral movement within an organization's infrastructure.

For European organizations using Harness 3.3.0, this SSRF vulnerability poses a moderate risk. Exploitation could allow attackers to access internal network resources that are otherwise protected by firewalls or network segmentation, potentially exposing sensitive internal APIs, configuration management databases, or cloud metadata services. This could lead to unauthorized data disclosure or facilitate further attacks such as privilege escalation or lateral movement. Organizations in sectors with high regulatory requirements, such as finance, healthcare, and critical infrastructure, could face compliance risks if internal data is exposed. Additionally, since Harness is used in software deployment pipelines, compromise could impact the integrity of software delivery, potentially leading to supply chain risks. The lack of vendor response and absence of patches increases exposure time, requiring organizations to implement compensating controls. The medium severity rating suggests that while immediate catastrophic impact is unlikely, the vulnerability should be addressed promptly to prevent exploitation, especially given the availability of a public exploit.

Given the absence of an official patch, European organizations should implement the following specific mitigations: 1) Restrict network egress from the Harness server to only trusted external endpoints using firewall rules or network segmentation to limit the SSRF attack surface. 2) Implement strict input validation and sanitization on the 'url' parameter if possible by customizing or extending the application code or using web application firewalls (WAFs) with rules to detect and block SSRF patterns. 3) Monitor network traffic originating from the Harness server for unusual or unauthorized requests to internal services or metadata endpoints. 4) Employ runtime application self-protection (RASP) or endpoint detection and response (EDR) tools to detect anomalous behavior indicative of SSRF exploitation. 5) Isolate the Harness deployment in a dedicated network segment with minimal privileges and access rights to sensitive resources. 6) Plan and test an upgrade path to a patched version once available, or consider temporary replacement of the affected Harness version with a secure alternative. 7) Educate DevOps and security teams about the risks of SSRF and the importance of monitoring and incident response readiness related to this vulnerability.