Details | |
---|---|
Alert ID | 90034 |
Alert Type | Active |
Status | release |
Risk | High |
CWE | |
WASC | |
Technologies Targeted | All |
Tags |
OWASP_2017_A06 OWASP_2021_A05 POLICY_API POLICY_QA_FULL |
More Info |
Scan Rule Help |
Summary
The Cloud Metadata Attack attempts to abuse a misconfigured NGINX server in order to access the instance metadata maintained by cloud service providers such as AWS, GCP and Azure. All of these providers provide metadata via an internal unroutable IP address ‘169.254.169.254’ - this can be exposed by incorrectly configured NGINX servers and accessed by using this IP address in the Host header field.