Security for everyone

Oracle Cloud Metadata Service Misconfiguration Scanner

The Oracle cloud host is configured as a proxy which allows access to the instance metadata IMDSv1 service. This could allow significant access to the host/infrastructure.

SCAN NOW

Short Info


Level

Critical

Type

Single Scan

Can be used by

Asset Owner

Estimated Time

10 sec

Scan only one

Domain, Ipv4

Parent Category

Oracle Cloud Metadata Service Misconfiguration Scanner Detail

This attack abuses a misconfigured proxy that allows access to the metadata IP or a name which resolves to the IP. A standard proxy request is made to the proxy using the full metadata URL, which the proxy will fulfill to its own metadata service. The proxy may also be vulnerable to host/port enumeration on localhost or inside the private network.

cyber security services for everyone one. Free security tools, continuous vulnerability scanning and many more.
Try it yourself,
control security posture