gcloud-vpc-private-service-connect: Private Service Connect Endpoints Not Configured

日期: 2025-08-01 | 影响软件: gcloud vpc private service connect | POC: 已公开

漏洞描述

Ensure that Private Service Connect (PSC) endpoints are configured for your Virtual Private Cloud (VPC) networks. Private Service Connect creates a secure, private tunnel between your VPC network and Google's services (or your own services in another VPC) so traffic never touches the public internet. This enhances security and avoids complexities of managing public connections.

PoC代码[已公开]

id: gcloud-vpc-private-service-connect

info:
  name: Private Service Connect Endpoints Not Configured
  author: princechaddha
  severity: medium
  description: |
    Ensure that Private Service Connect (PSC) endpoints are configured for your Virtual Private Cloud (VPC) networks. Private Service Connect creates a secure, private tunnel between your VPC network and Google's services (or your own services in another VPC) so traffic never touches the public internet. This enhances security and avoids complexities of managing public connections.
  impact: |
    Without Private Service Connect endpoints, traffic between your VPC and Google services may traverse the public internet, potentially exposing your services to security risks and performance issues.
  remediation: |
    Configure Private Service Connect endpoints for your VPC networks using either the Google Cloud Console or gcloud CLI. Use the 'gcloud compute forwarding-rules create' command with appropriate parameters to set up PSC endpoints.
  reference:
    - https://www.trendmicro.com/cloudoneconformity/knowledge-base/gcp/VPC/vpc-with-private-service-connect-endpoints.html
    - https://cloud.google.com/vpc/docs/private-service-connect
  tags: cloud,devops,gcp,gcloud,vpc,networking,security,psc,gcp-cloud-config

flow: |
  code(1)
  for(let projectId of iterate(template.projectIds)){
    set("projectId", projectId)
    code(2)
  }

self-contained: true

code:
  - engine:
      - sh
      - bash
    source: |
      gcloud projects list --format="json(projectId)"

    extractors:
      - type: json
        name: projectIds
        internal: true
        json:
          - '.[].projectId'

  - engine:
      - sh
      - bash
    source: |
      gcloud compute forwarding-rules list --project=$projectId --filter="target~serviceAttachments" --format="json(name)"

    matchers:
      - type: word
        words:
          - "[]"

    extractors:
      - type: dsl
        dsl:
          - '"Project " + projectId + " has no Private Service Connect endpoints configured"'
# digest: 490a004630440220193adfbc3ad89cd8cdf6ae8283d4f8c14948fae1710ed79e1612788016f8e6d802200aa8ebf5f629f456af0fe3212421be9d01ab0da62c12d0b6cd9ef0f21c895b6c:922c64590222798bb761d5b6d8e72950
来源: https://github.com/projectdiscovery/nuclei-templates/blob/main/./cloud/gcp/vpc/gcloud-vpc-private-service-connect.yaml