azure-postgres-connection-throttling-disabled: Azure PostgreSQL Server Connection Throttling Disabled

Date: 2025-08-01 | Affected software: Azure PostgreSQL | PoC: public

Vulnerability description

Ensure that "connection_throttling" server parameter is enabled for all PostgreSQL database servers provisioned within your Microsoft Azure cloud account. The "connection_throttling" parameter enables temporary connection throttling per IP address for too many invalid login failures.

PoC code [public]

id: azure-postgres-connection-throttling-disabled
info:
  name: Azure PostgreSQL Server Connection Throttling Disabled
  author: princechaddha
  severity: medium
  description: |
    Ensure that "connection_throttling" server parameter is enabled for all PostgreSQL database servers provisioned within your Microsoft Azure cloud account. The "connection_throttling" parameter enables temporary connection throttling per IP address for too many invalid login failures.
  impact: |
    Disabling the "connection_throttling" server parameter exposes your PostgreSQL databases to potential brute force or DDoS attacks by not limiting the rate of failed login attempts.
  remediation: |
    Enable the "connection_throttling" server parameter on your Azure PostgreSQL servers to prevent excessive failed login attempts and mitigate potential attacks.
  reference:
    - https://docs.microsoft.com/en-us/azure/postgresql/concepts-server-parameters
  tags: cloud,devops,azure,microsoft,postgresql,azure-cloud-config

flow: |
  code(1);
  for (let ServerData of iterate(template.serverList)) {
    ServerData = JSON.parse(ServerData);
    set("name", ServerData.name);
    set("resourceGroup", ServerData.resourceGroup);
    code(2);
  }

self-contained: true
code:
  - engine:
      - sh
      - bash
    source: |
      az postgres server list --output json --query '[*].{"name":name,"resourceGroup":resourceGroup}'

    extractors:
      - type: json
        name: serverList
        internal: true
        json:
          - '.[]'

  - engine:
      - sh
      - bash
    source: |
      az postgres server configuration show --server-name "$name" --resource-group "$resourceGroup" --name connection_throttling --query 'value'

    matchers-condition: and
    matchers:
      - type: word
        words:
          - 'off'

    extractors:
      - type: dsl
        dsl:
          - 'name + " in " + resourceGroup + " has connection throttling disabled"'
# digest: 4b0a00483046022100ab6d91fa46318129f1b571c113c8149e882eab80fe403024bea66ccbf74e41af022100c40dc6bef2134c8e1146942d8c36bdfb8795008412c46192e2dab3408b23c830:922c64590222798bb761d5b6d8e72950
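The same check as an added Python example (not part of the nuclei template above): it consumes the two `az` outputs the template relies on, normalizes the parameter value (the CLI prints a quoted JSON string such as `"off"` unless `-o tsv` is used), treats an empty or unexpected value as a finding rather than a silent pass, and emits the matching `az postgres server configuration set` remediation command. The `az` calls are replaced by constructed sample output so it runs offline; server and resource group names are made up.

```python
import json
import shlex
from typing import Callable, Dict, List

# Constructed sample of: az postgres server list --output json \
#   --query '[*].{"name":name,"resourceGroup":resourceGroup}'
SAMPLE_SERVER_LIST = json.dumps([
    {"name": "pg-prod-01", "resourceGroup": "rg-prod"},
    {"name": "pg-dev-01", "resourceGroup": "rg-dev"},
    {"name": "pg-legacy", "resourceGroup": "rg-legacy"},
])

# Constructed raw stdout of: az postgres server configuration show ... \
#   --name connection_throttling --query 'value'
# Without `-o tsv` the CLI prints a JSON string, quotes included.
SAMPLE_CONFIG_OUTPUT = {
    ("pg-prod-01", "rg-prod"): '"on"\n',
    ("pg-dev-01", "rg-dev"): '"OFF"\n',
    ("pg-legacy", "rg-legacy"): "",  # lookup returned nothing
}


def normalize_value(raw: str) -> str:
    """Turn raw CLI stdout ('"off"\\n', 'off', '') into a lowercase token."""
    text = raw.strip()
    if not text:
        return ""
    try:
        text = json.loads(text)  # '"off"' -> 'off'
    except json.JSONDecodeError:
        pass  # already plain text, e.g. from `-o tsv`
    return str(text).strip().lower()


def remediation_command(name: str, rg: str) -> str:
    """Build the az CLI command that turns connection throttling on."""
    return ("az postgres server configuration set "
            f"--server-name {shlex.quote(name)} --resource-group {shlex.quote(rg)} "
            "--name connection_throttling --value on")


def evaluate_servers(server_list_json: str,
                     lookup: Callable[[str, str], str]) -> List[Dict[str, str]]:
    """Return one finding per server whose parameter is not confirmed 'on'."""
    findings = []
    for server in json.loads(server_list_json):
        name, rg = server["name"], server["resourceGroup"]
        value = normalize_value(lookup(name, rg))
        if value == "on":
            continue  # compliant
        status = "disabled" if value == "off" else "unknown"
        findings.append({"name": name, "resourceGroup": rg, "status": status,
                         "remediation": remediation_command(name, rg)})
    return findings


if __name__ == "__main__":
    for f in evaluate_servers(SAMPLE_SERVER_LIST,
                              lambda n, r: SAMPLE_CONFIG_OUTPUT[(n, r)]):
        print(f"{f['name']} in {f['resourceGroup']}: throttling {f['status']}")
        print("  fix:", f["remediation"])
```

To run against a real subscription, replace `SAMPLE_SERVER_LIST` and the lookup lambda with `subprocess.run([...], capture_output=True, text=True).stdout` around the two `az` commands shown in the template.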
