Exposed Cloud Metadata Service

Vulnerability Details

Severity:

Critical

Category:

Cloud

Description

The cloud instance metadata service (for example AWS IMDSv1 at 169.254.169.254) is reachable from the application, typically through a server-side request forgery (SSRF) flaw, an open proxy, or code running in a container on the instance. IMDSv1 answers any unauthenticated GET, so a primitive that can make the server fetch an attacker-chosen URL is enough to read the instance's temporary role credentials and its configuration.
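The following is an added example, not code from the page or from any cloud vendor. It runs a local stand-in for the metadata service (constructed for this example and bound to 127.0.0.1, not 169.254.169.254) in two modes and shows why a plain GET is enough against IMDSv1 but not against IMDSv2: the v2 handshake requires a PUT to /latest/api/token carrying the X-aws-ec2-metadata-token-ttl-seconds header, and the returned token must accompany every later GET. The header names, paths and handshake are the real IMDSv2 protocol; the role name and credential values are fabricated sample data.

```python
"""Mock EC2 metadata service in IMDSv1 and IMDSv2 modes (added example)."""
import http.client
import json
import secrets
import threading
import time
from http.server import BaseHTTPRequestHandler, HTTPServer

TOKEN_HDR = "X-aws-ec2-metadata-token"              # real IMDSv2 header
TTL_HDR = "X-aws-ec2-metadata-token-ttl-seconds"    # real IMDSv2 header
CRED_PATH = "/latest/meta-data/iam/security-credentials/demo-role"  # role name is made up
# Constructed sample credentials, not real keys.
FAKE_CREDS = {"AccessKeyId": "ASIAEXAMPLE", "SecretAccessKey": "secret",
              "Token": "session-token", "Expiration": "2030-01-01T00:00:00Z"}


def make_handler(require_token):
    """Build a handler; require_token=True emulates an instance with HttpTokens=required."""
    tokens = {}  # session token -> expiry time

    class Handler(BaseHTTPRequestHandler):
        def log_message(self, *args):  # keep the demo quiet
            pass

        def _send(self, code, body):
            data = body.encode()
            self.send_response(code)
            self.send_header("Content-Length", str(len(data)))
            self.end_headers()
            self.wfile.write(data)

        def do_PUT(self):
            # IMDSv2 token issuance: PUT /latest/api/token with a TTL header.
            ttl = self.headers.get(TTL_HDR, "")
            if self.path != "/latest/api/token" or not ttl.isdigit():
                return self._send(400, "bad request")
            tok = secrets.token_urlsafe(16)
            tokens[tok] = time.time() + int(ttl)
            self._send(200, tok)

        def do_GET(self):
            tok = self.headers.get(TOKEN_HDR)
            if tok is not None and tokens.get(tok, 0) < time.time():
                return self._send(401, "unauthorized")  # unknown or expired token
            if require_token and tok is None:
                return self._send(401, "unauthorized")  # v2-only: bare GET refused
            if self.path == CRED_PATH:
                return self._send(200, json.dumps(FAKE_CREDS))
            self._send(404, "not found")

    return Handler


def start_mock_imds(require_token):
    """Start the mock on an ephemeral localhost port; returns (server, port)."""
    srv = HTTPServer(("127.0.0.1", 0), make_handler(require_token))
    threading.Thread(target=srv.serve_forever, daemon=True).start()
    return srv, srv.server_address[1]


def ssrf_style_get(port, path):
    """What a typical SSRF primitive can do: one plain GET, no custom headers."""
    conn = http.client.HTTPConnection("127.0.0.1", port, timeout=5)
    conn.request("GET", path)
    resp = conn.getresponse()
    return resp.status, resp.read().decode()


def imdsv2_get(port, path, ttl=21600):
    """Legitimate IMDSv2 client: obtain a session token, then GET with it."""
    conn = http.client.HTTPConnection("127.0.0.1", port, timeout=5)
    conn.request("PUT", "/latest/api/token", headers={TTL_HDR: str(ttl)})
    tok_resp = conn.getresponse()
    token = tok_resp.read().decode()
    if tok_resp.status != 200:
        return tok_resp.status, token
    conn.request("GET", path, headers={TOKEN_HDR: token})
    resp = conn.getresponse()
    return resp.status, resp.read().decode()


def demo():
    """Run both modes; returns (v1 SSRF status, v2 SSRF status, v2 legit status)."""
    v1, p1 = start_mock_imds(require_token=False)
    v2, p2 = start_mock_imds(require_token=True)
    try:
        v1_status, _ = ssrf_style_get(p1, CRED_PATH)   # 200: credentials leak
        v2_status, _ = ssrf_style_get(p2, CRED_PATH)   # 401: bare GET refused
        legit_status, _ = imdsv2_get(p2, CRED_PATH)    # 200: token flow works
        return v1_status, v2_status, legit_status
    finally:
        v1.shutdown()
        v2.shutdown()


if __name__ == "__main__":
    print(demo())  # (200, 401, 200)
```

The mock does not model the PUT response hop limit, which on a real instance additionally stops the token from being relayed across a container's network hop; an SSRF primitive that can issue arbitrary-method requests with arbitrary headers (for example a full HTTP proxy) would still complete the v2 handshake, which is why the network-level controls in the remediation remain necessary.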

Risks

An attacker who reaches the endpoint can read the instance role's temporary credentials (access key ID, secret key and session token), user data and other instance configuration. Those credentials are usable from outside the instance for their remaining lifetime unless policy conditions restrict them, so they enable lateral movement, privilege escalation, or full compromise of the cloud environment, bounded only by the permissions attached to the role.

Remediation

Enforce IMDSv2 on every instance (set HttpTokens to required in the instance metadata options) so that a session token obtained with a PUT request is needed for every read; a bare GET, which is all most SSRF primitives can issue, then receives HTTP 401. Keep the PUT response hop limit at 1 so tokens are not relayed into containers. Block 169.254.169.254 at the host firewall for containers and applications that have no need for metadata, and restrict access to the endpoint at the network layer where the platform allows it. Monitor for unusual metadata queries and for role credentials being used from outside the instance they were issued to.
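As an added example that is not part of the original page or any vendor SDK, the following is the application-side control for the "block metadata access from applications that don't need it" advice: a guard that a server runs before fetching a user-supplied URL, refusing any host that maps to the metadata addresses or to any other non-public address. It deliberately parses IP literals the way HTTP clients do, because the decimal, hex and short spellings of 169.254.169.254 pass a naive string comparison. The DNS table in _stub_resolve is constructed so the demo runs offline; real callers keep the default system resolver.

```python
"""Destination guard for server-side URL fetches (added example)."""
import ipaddress
import socket
from urllib.parse import urlsplit

# IMDS addresses: the IPv4 one shared by AWS, Azure, GCP and OpenStack, and the
# IPv6 address of the AWS IMDS.
METADATA_NETS = [
    ipaddress.ip_network("169.254.169.254/32"),
    ipaddress.ip_network("fd00:ec2::254/128"),
]


def _is_public(ip):
    """True only for globally routable unicast addresses."""
    if ip.version == 6 and ip.ipv4_mapped is not None:
        ip = ip.ipv4_mapped  # ::ffff:169.254.169.254 is still the IMDS
    if any(ip in net for net in METADATA_NETS):
        return False
    return not (ip.is_private or ip.is_loopback or ip.is_link_local
                or ip.is_multicast or ip.is_reserved or ip.is_unspecified)


def _parse_literal(host):
    """Parse an IP literal the way HTTP clients do, or return None.

    ipaddress only accepts dotted quads and IPv6; inet_aton also accepts the
    decimal (2852039166), hex (0xa9fea9fe) and short (169.254.43518) spellings
    that curl and most HTTP libraries honour.
    """
    try:
        return ipaddress.ip_address(host)
    except ValueError:
        pass
    try:
        return ipaddress.ip_address(socket.inet_aton(host))
    except OSError:
        return None


def _system_resolve(host):
    """All addresses the system resolver yields for host (IPv4 and IPv6)."""
    infos = socket.getaddrinfo(host, None, proto=socket.IPPROTO_TCP)
    return [ipaddress.ip_address(info[4][0]) for info in infos]


def _stub_resolve(host):
    """Constructed DNS table so the demo runs offline (hostnames are made up)."""
    table = {
        "api.example": ["93.184.216.34"],
        "rebind.example": ["93.184.216.34", "169.254.169.254"],  # one bad record
    }
    if host not in table:
        raise socket.gaierror(f"no such host: {host}")
    return [ipaddress.ip_address(a) for a in table[host]]


def check_outbound_url(url, resolve=_system_resolve):
    """Return (allowed, reason); every address the host maps to must be public."""
    parts = urlsplit(url)
    if parts.scheme not in ("http", "https"):
        return False, f"scheme {parts.scheme!r} not allowed"
    host = parts.hostname
    if not host:
        return False, "missing host"
    literal = _parse_literal(host)
    if literal is not None:
        addrs = [literal]
    else:
        try:
            addrs = resolve(host)
        except OSError as exc:  # socket.gaierror is a subclass of OSError
            return False, f"resolution failed: {exc}"
    for addr in addrs:
        if not _is_public(addr):
            return False, f"{host} maps to non-public address {addr}"
    return True, "ok"


if __name__ == "__main__":
    for u in ("http://169.254.169.254/latest/meta-data/", "http://2852039166/",
              "http://[fd00:ec2::254]/", "http://api.example/v1",
              "http://rebind.example/"):
        print(u, check_outbound_url(u, resolve=_stub_resolve))
```

The check only holds if the fetch connects to the address that was checked: resolve once, validate, connect to that IP with the original Host header, and re-run the check on every redirect. Validating the name and then letting the HTTP library resolve it again leaves a window for DNS rebinding between check and fetch. Treat this guard as one layer; the host firewall rule and IMDSv2 enforcement above still apply when the guard is bypassed or missing.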