Publicly accessible databases are exposed to remote attacks
- GG_ID: GG_IAC_0004
- Severity: HIGH
- Complexity: HIGH
- Categories: NETWORK
- Providers: AWS
- Potential data exposure: True
- Visible in logs: False
- User interaction required: False
- Privileges required: False
# Description
Publicly accessible AWS RDS instances are exposed to the whole web, and thus subject to a range of remote attacks.
# Impact
Having public access means anyone can try to connect to the database.
If credentials are required to establish a connection, it is still possible to brute-force the credentials or perform Denial of Service attacks.
If no credentials are required, or credentials have been acquired by an attacker, then the asset is fully compromised.
# Remediation guidelines
Integrate the database in a Virtual Private Cloud (VPC), and configure the VPC according to the principle of least privilege.
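
The remediation above expressed in Terraform, as an added example rather than configuration taken from this policy's documentation: the flagged setting is shown in a comment, followed by an instance placed in private subnets and reachable only from one application security group. All resource names, variables, the engine and the port are assumptions chosen for illustration.

```hcl
# Constructed example: every name, variable and value below is a placeholder.
variable "vpc_id" { type = string }
variable "private_subnet_ids" { type = list(string) }
variable "app_security_group_id" { type = string }
variable "db_password" {
  type      = string
  sensitive = true
}

# Flagged configuration: the instance receives a publicly resolvable endpoint.
# resource "aws_db_instance" "exposed" {
#   identifier          = "app-db"
#   publicly_accessible = true
# }

# Subnet group restricted to private subnets (no route to an internet gateway).
resource "aws_db_subnet_group" "private" {
  name       = "app-db-private"
  subnet_ids = var.private_subnet_ids
}

# Least privilege: only the application tier's security group may reach the
# database port; there is no 0.0.0.0/0 ingress rule.
resource "aws_security_group" "db" {
  name   = "app-db"
  vpc_id = var.vpc_id

  ingress {
    description     = "PostgreSQL from the application tier only"
    from_port       = 5432
    to_port         = 5432
    protocol        = "tcp"
    security_groups = [var.app_security_group_id]
  }
}

# Remediated instance: inside the VPC, private subnets, no public endpoint.
resource "aws_db_instance" "hardened" {
  identifier             = "app-db"
  engine                 = "postgres"
  instance_class         = "db.t3.micro"
  allocated_storage      = 20
  username               = "app"
  password               = var.db_password
  db_subnet_group_name   = aws_db_subnet_group.private.name
  vpc_security_group_ids = [aws_security_group.db.id]
  publicly_accessible    = false
}
```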