I am reading about a new attack based on Cache Poisoning on sites protected by CDN.
Looking through the CF documentation and boards, I can not see what efforts are being made.
My concern is that this attack can be made with a simple request to replace the genuine content in the cache by an error page. That would make it below the detection thresholds on the WAF since it is scanning for large amounts of bad network traffic.
We are looking for mitigation steps on the back-end, but posting this out here for any input.