TF 0107 - SymbioticSec/Symbiotic-Vulnerability-Database GitHub Wiki
The load balancer forwarding rule is using an insecure protocol as an entrypoint
| Property | Value |
|---|---|
| Language |  |
| Severity |  |
| Service | compute |
| Provider | DigitalOcean |
| Vulnerability Type | misconfiguration |
Description
The load balancer is configured to accept incoming traffic over plain HTTP, which transmits all data in clear text without encryption. This exposes sensitive information to interception by anyone monitoring the network.
Impact
Unencrypted HTTP traffic allows attackers to eavesdrop, capture credentials, session tokens, or other sensitive data, leading to potential data breaches, account compromise, and loss of user trust.
Resolution
Switch to HTTPS to benefit from TLS security features