Proxy Disclosure
Reference
Plugin Id: 40025 | CWE: 200
Resources
Remediation
To mitigate the vulnerability of Proxy Disclosure, the following steps should be taken:
-
Disable TRACE/TRACK methods: Disable the TRACE and TRACK methods on both the proxy and origin webservers. This can be achieved by modifying the server configuration files. For example, in Apache, you can add the following lines to the
.htaccess
file or the server configuration file:RewriteEngine On RewriteCond %{REQUEST_METHOD} ^(TRACE|TRACK) RewriteRule ^ - [F]
-
Disable OPTIONS method (if applicable): If your application is not a REST/GraphQL API, you can also disable the OPTIONS method. This can be done by adding the following lines to the server configuration file:
<Limit OPTIONS> Require all denied </Limit>
Note that disabling the OPTIONS method may affect Cross-Origin Resource Sharing (CORS) settings and API access, so make sure to consider the impact on your application before implementing this step.
About
The vulnerability known as Proxy Disclosure occurs when the TRACE and/or TRACK methods are enabled on proxy and origin webservers. These methods allow an attacker to retrieve sensitive information about the software running on the servers. By sending specially crafted requests, an attacker can exploit this vulnerability to gather information that can be used for further attacks.
Risks
The risks associated with the Proxy Disclosure vulnerability include:
-
Attacker reconnaissance: An attacker can use the disclosed information to gain insights into the software running on the proxy servers. This knowledge can help them identify potential vulnerabilities or weaknesses that can be exploited.
-
Targeting the origin server: The disclosed information can also be used to target the origin server, which may have fewer resources and security measures compared to the proxies themselves. This can lead to unauthorized access, data breaches, or other malicious activities.
-
Impact on CORS settings and API access: Browsers use the OPTIONS method to check Cross-Origin Resource Sharing (CORS) settings. Disabling the OPTIONS method, as a remediation step, may affect the proper functioning of CORS and API access. It is important to carefully consider the impact on your application before implementing this step.