Skip to main content

Networking / Loadbalancer

CCC Load Balancer Capabilities Threats

Version: DEV

IDTitleDescriptionExternal MappingsCapability MappingsControl Mappings
CCC.LB.TH01Unrestricted Request Traffic Overwhelms Downstream ServicesAbsence of filtering or rate limiting permits malicious traffic to overload downstream services and facilitates brute-force activity.
1
2
1
CCC.LB.TH03Traffic Distribution Is ManipulatedAdjusting distribution policies can concentrate traffic on specific nodes causing DoS or redirect flows through unwanted paths.
1
1
1
CCC.LB.TH04Session Persistence Is ExploitedImproper session-affinity settings can enable session fixation or hijacking across backend targets.
1
1
1
CCC.LB.TH05Health Checks Are Exploited to Take Services OfflineManipulating health-check endpoints or responses can cause healthy targets to be marked unavailable, leading to denial of service.
1
1
1
CCC.LB.TH06Sensitive Metadata Exposure via HTTP HeadersResponse headers may reveal software versions, internal IPs, or other metadata useful for reconnaissance.
1
1
0
CCC.LB.TH07TLS Certificates Are Expired or InvalidStale or untrusted certificates weaken encrypted-traffic protection.
1
1
1