Information Disclosure via X-Backside-Transport Header

Description

The 'X-Backside-Transport' header can expose internal details about how requests are routed or handled by upstream servers, load balancers, or proxies. An attacker who learns these routing specifics may craft targeted exploits, bypass security controls, or manipulate traffic flows; for instance, the header can reveal backend server types, internal paths, or misconfigurations. Disclosing it removes whatever protection obscurity provided, giving malicious actors additional insight into infrastructure components that aids reconnaissance and subsequent, more sophisticated attacks.

Remediation

Remove or sanitize the 'X-Backside-Transport' header so that it is not exposed to external clients. Adjust server, reverse proxy, or load balancer settings so the header is stripped from responses before they leave the edge. Keep proxy and backend software secure and up to date, applying patches for known vulnerabilities. Consider a Web Application Firewall (WAF) or network-level intrusion detection system to monitor and block suspicious traffic patterns targeting internal routing details. Regularly audit response headers and proxy configurations to ensure sensitive infrastructure data is not inadvertently disclosed.
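The audit step above, as an added example that is not part of this advisory: a small Python script that parses a raw HTTP response, reports headers that disclose routing or infrastructure details, and strips X-Backside-Transport the way a proxy's hide-header rule would before the response reaches the client. The sample response, its header values, and the header names other than X-Backside-Transport are constructed assumptions.

```python
"""Audit an HTTP response for infrastructure-disclosing headers and strip them."""

# X-Backside-Transport is the subject of this finding; the other names are
# assumed examples of the same class of routing/infrastructure disclosure.
DISCLOSURE_HEADERS = frozenset({"x-backside-transport", "via", "x-powered-by", "server"})

# Constructed sample response (values are made up for this example).
SAMPLE_RESPONSE = (
    "HTTP/1.1 200 OK\r\n"
    "Content-Type: application/json\r\n"
    "X-Backside-Transport: OK OK\r\n"
    "Via: 1.1 lb01.internal\r\n"
    "Content-Length: 2\r\n"
    "\r\n"
    "{}"
)


def parse_response(raw: str):
    """Split a raw HTTP/1.1 response into (status line, [(name, value)], body)."""
    head, _, body = raw.partition("\r\n\r\n")
    status_line, *header_lines = head.split("\r\n")
    headers = []
    for line in header_lines:
        name, sep, value = line.partition(":")
        if not sep:
            raise ValueError(f"malformed header line: {line!r}")
        headers.append((name.strip(), value.strip()))
    return status_line, headers, body


def find_disclosures(raw: str) -> dict:
    """Return {lowercased name: value} for every disclosure header present."""
    _, headers, _ = parse_response(raw)
    return {n.lower(): v for n, v in headers if n.lower() in DISCLOSURE_HEADERS}


def sanitize(raw: str, names=frozenset({"x-backside-transport"})) -> str:
    """Rebuild the response with the named headers removed (case-insensitive)."""
    status_line, headers, body = parse_response(raw)
    kept = [f"{n}: {v}" for n, v in headers if n.lower() not in names]
    return "\r\n".join([status_line, *kept]) + "\r\n\r\n" + body


if __name__ == "__main__":
    for name, value in find_disclosures(SAMPLE_RESPONSE).items():
        print(f"leaked header: {name}: {value}")
    print(sanitize(SAMPLE_RESPONSE))
```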

References

https://owasp.org/www-community/attacks/Information_exposure
https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers

Severity

MEDIUM

OWASP

Code: A05:2021

Category: Security Misconfiguration

Classification

CWE: CWE-200
CVSS 3.1: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N (base score 5.3)
CVSS 4.0: CVSS:4.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N (base score 5.3)