Amazon AWS Metadata Service Misconfiguration Scanner
The AWS host is configured as a proxy which allows access to the metadata service. This could allow significant access to the host/infrastructure.
Short Info
Level
Critical
Single Scan
Single Scan
Can be used by
Asset Owner
Estimated Time
10 seconds
Time Interval
1 month 1 day
Scan only one
Domain, IPv4
Toolbox
-
This attack abuses a misconfigured proxy that allows access to the metadata IP or a name which resolves to the IP. A standard proxy request is made to the proxy using the full metadata URL, which the proxy will fulfill to its own metadata service. The proxy may also be vulnerable to host/port enumeration on localhost or inside the private network.