Publicly accessible EC2 host is running IMDSv1 and has an SSRF vulnerability

ec2
Cette page n'est pas encore disponible en français, sa traduction est en cours.
Si vous avez des questions ou des retours sur notre projet de traduction actuel, n'hésitez pas à nous contacter.

Description

A publicly accessible compute instance is affected by an SSRF vulnerability and is running IMDSv1.

Using IMDSv1 increases the risk of attackers stealing your AWS IAM credentials with this vulnerability. In this scenario, attackers can abuse applications running on an EC2 instance to steal your keys and begin accessing your cloud environment. For more information, see our Datadog Security Labs article on IMDS security and why upgrading to IMDSv2 is essential.

Remediation

  1. Review the associated vulnerabilities in your service and perform remediation.
  2. Follow the Transition to using Instance Metadata Service Version 2 docs to learn how to transition and reconfigure your software.