Insecure configuration

Asset Configuration

Risk Level

Informational (4)

Platform(s)
  • Non-platform specific

Description

The asset {asset_name} ({asset_id}) is configured to use instance metadata service version 1 and 2 (Metadata_HttpToken = {Metadata_HttpTokens}, not enforcing the use of version 2 could leave the asset vulnerable to attacks using the instance metadata service such as SSRF attacks. For more details please see https://aws.amazon.com/blogs/security/defense-in-depth-open-firewalls-reverse-proxies-ssrf-vulnerabilities-ec2-instance-metadata-service