A penetration tester discovers that a cloud application is vulnerable to Server-Side Request Forgery (SSRF). Which of the following is a potential impact of this vulnerability?
SSRF can be used to query internal metadata services that may contain credentials.
Why this answer
SSRF allows the attacker to make requests from the server, potentially accessing internal services like metadata endpoints (e.g., http://169.254.169.254) that are not publicly accessible.