ADC Dreamer Posted October 3, 2023 Share Posted October 3, 2023 Dears, We moved recently to Citrix Web Application Firewall. We want to protect our websites using citrix WAF. we conducted VA and get the following vulnerability: Cloud Metadata Potentially Exposed Anyone can help how to deal with this vulnerability on citrix WAF. Link to comment
0 CarlStalhood Posted October 3, 2023 Share Posted October 3, 2023 What public cloud are you running in? You can use Responder or custom signature rules to block Host header that contains the metadata URL (e.g., 169.254.169.254) There's also a thread saying it might be a false positive - https://github.com/zaproxy/zaproxy/issues/7033 Link to comment
Question
ADC Dreamer
Dears,
We moved recently to Citrix Web Application Firewall.
We want to protect our websites using citrix WAF. we conducted VA and get the following vulnerability:
Cloud Metadata Potentially Exposed
Anyone can help how to deal with this vulnerability on citrix WAF.
Link to comment
1 answer to this question
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now