| ID | Title | Description |
|---|---|---|
| CCC.LB.TH01 | Unrestricted Request Traffic Overwhelms Downstream Services | Absence of filtering or rate limiting permits malicious traffic to overload downstream services and facilitates brute-force activity. |
| CCC.LB.TH03 | Traffic Distribution Is Manipulated | Adjusting distribution policies can concentrate traffic on specific nodes causing DoS or redirect flows through unwanted paths. |
| CCC.LB.TH04 | Session Persistence Is Exploited | Improper session-affinity settings can enable session fixation or hijacking across backend targets. |
| CCC.LB.TH05 | Health Checks Are Exploited to Take Services Offline | Manipulating health-check endpoints or responses can cause healthy targets to be marked unavailable, leading to denial of service. |
| CCC.LB.TH06 | Sensitive Metadata Exposure via HTTP Headers | Response headers may reveal software versions, internal IPs, or other metadata useful for reconnaissance. |
| CCC.LB.TH07 | TLS Certificates Are Expired or Invalid | Stale or untrusted certificates weaken encrypted-traffic protection. |
Networking / Loadbalancer
Threats
Version: