AEM Security Vulnerability (Bypassing CDN and Dispatcher)

Hello All,

We have pretty strong Dispatcher and CDN blockers restricting to only the required URLs. What we noticed is that once we identify a valid content path for a site, it's pretty easy to bypass the CDN and Dispatcher, eventually increasing the CPU utilization. If it's a planned dynamic-IP flood of HTTP requests with a valid URL, all such requests will reach AEM (an example scenario is given below).

Home Page - /content/site/country/language/home.html

Vulnerable URL - /content/site/country/language/home123.html (any number of such URLs can be formed and triggered from simple hacking tools)

Has anyone come across such a use case? I feel it's pretty much a key vulnerability.

The recommendation from the Core Engg team was to limit requests coming through the CDN to a specific amount and to increase AEM infra.

Please share your thoughts.

Thanks

Abdul

0 Replies
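
A detection sketch for the pattern described in the post, added here as an example and not part of the original post or of any Adobe code: because the sources are changing IPs, it groups 404 responses in the origin access log by parent content path instead of by client address. The Common Log Format layout, the 404 status for non-existent pages, the function name `find_miss_floods`, the threshold and the sample log lines are all assumptions constructed for illustration.

```python
import re
from collections import defaultdict
from posixpath import dirname

# Assumed log layout: Common Log Format as written by the origin-facing web server.
LINE_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[[^\]]+\] "[A-Z]+ (?P<path>\S+) [^"]*" (?P<status>\d{3}) '
)

def find_miss_floods(lines, min_distinct_missing=5):
    """Flag directories where many distinct URLs returned 404.

    Grouping is by parent directory, not client IP, so a flood spread
    over many source addresses is still visible as one cluster.
    """
    per_dir = defaultdict(lambda: {"requests": 0, "missing": set(), "ips": set()})
    for line in lines:
        m = LINE_RE.match(line)
        if not m:
            continue  # ignore lines that do not match the assumed layout
        path = m["path"].split("?", 1)[0]  # drop the query string before grouping
        stats = per_dir[dirname(path)]
        stats["requests"] += 1
        if m["status"] == "404":
            stats["missing"].add(path)
            stats["ips"].add(m["ip"])
    return {
        parent: {
            "requests": s["requests"],
            "distinct_missing": len(s["missing"]),
            "source_ips": len(s["ips"]),
        }
        for parent, s in per_dir.items()
        if len(s["missing"]) >= min_distinct_missing
    }

# Constructed sample: one real page plus six misses from six documentation-range IPs.
BASE = "/content/site/country/language"
SAMPLE_LOG = [
    f'192.0.2.10 - - [01/Jan/2024:10:00:00 +0000] "GET {BASE}/home.html HTTP/1.1" 200 5120',
    f'192.0.2.11 - - [01/Jan/2024:10:00:01 +0000] "GET /content/site/other/page9.html HTTP/1.1" 404 310',
] + [
    f'203.0.113.{i} - - [01/Jan/2024:10:00:0{i} +0000] "GET {BASE}/home12{i}.html HTTP/1.1" 404 310'
    for i in range(1, 7)
]

if __name__ == "__main__":
    for parent, stats in find_miss_floods(SAMPLE_LOG).items():
        print(parent, stats)
```

A flagged directory with a high `source_ips` count is the case where per-IP limits alone would not trigger, which is why the grouping key is the content path.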