Vulnerability Database

Unauthenticated Cache Purge

Cache PURGE is used to purge the web cache. It is possible to purge specific resources, or if no parameter is given, all cached content is purged.

Attackers can issue a PURGE request for any resource and invalidate the cache. This can lead to increased bandwidth costs and degraded application performance.

Solution

Disallow cache purge requests or limit to authenticated users only.

Suite

Free
  • Suitable For Non-commercial Use
  • Limited Features
  • Cloud Storage

Suite Pro

$9500person/month
  • Suitable For Commercial Use
  • Unlimited Features
  • Cloud Storage

Ultimate

Enterprise
  • All Tools, Services, and Plans
  • Suitable For Enterprises
  • Single Sign-On Integration
  • Single Tenant
  • Dedicated Support
  • Custom Integrations
  • Annual or Monthly, Fixed-cost Billing