From bleepingcomputer.com
![](https://cert.bournemouth.ac.uk/wp-content/uploads/2023/10/image-1024x531.png)
Cloudflare’s Firewall and DDoS prevention can be bypassed through a specific attack process that leverages logic flaws in cross-tenant security controls.
This bypass could put Cloudflare’s customers under a heavy burden, rendering the protection systems of the internet firm less effective.
To make matters worse, the only requirement for the attack is for the hackers to create a free Cloudflare account, which is used as part of the attack.
However, it should be noted that the attackers must know a targeted web server’s IP address to abuse these flaws.