
Publicly accessible databases are exposed to remote attacks

Severity: HIGH
Exploitability: LOW
Providers: AWS
Categories: NETWORK

Description

Publicly accessible AWS RDS instances are reachable from the entire internet, and are therefore subject to a range of remote attacks.

Impact

Potential data exposure: True
Visible in logs: False
User interaction required: False
Privileges required: False

Having public access means anyone can try to connect to the database.

  • If credentials are required to establish a connection, an attacker can still attempt to brute-force them, or mount Denial of Service attacks against the endpoint.

  • If no credentials are required, or credentials have already been acquired by an attacker, then the asset is fully compromised.

Remediation guidelines

Integrate the database into a Virtual Private Cloud (VPC), and configure the VPC according to the principle of least privilege.
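One way to check for this condition before and after remediation, as an added example that is not the page's own detection logic: it keys on the `PubliclyAccessible` flag the finding describes, and separately confirms real exposure by checking whether an attached security group admits 0.0.0.0/0 or ::/0 on the database port (a public endpoint behind a VPC-only security group is flagged but not confirmed exposed). It assumes the field names of boto3's `rds.describe_db_instances()` and `ec2.describe_security_groups()` responses; the sample records are constructed.

```python
# Added example, not the finding's own detection logic: flags AWS RDS instances
# that are reachable from the internet. Assumes the real field names of boto3's
# rds.describe_db_instances() and ec2.describe_security_groups(); every sample
# record below is constructed.

WORLD = {"0.0.0.0/0", "::/0"}  # "anywhere" CIDRs in a security-group rule
# Constructed security groups: one open to the world on 5432, one VPC-only.
SAMPLE_SGS = [
    {"GroupId": "sg-open", "IpPermissions": [{"IpProtocol": "tcp", "FromPort": 5432,
        "ToPort": 5432, "IpRanges": [{"CidrIp": "0.0.0.0/0"}]}]},
    {"GroupId": "sg-vpc", "IpPermissions": [{"IpProtocol": "tcp", "FromPort": 3306,
        "ToPort": 3306, "IpRanges": [{"CidrIp": "10.0.0.0/16"}]}]},
]
# Constructed instances shaped like describe_db_instances()["DBInstances"].
SAMPLE_DBS = [
    {"DBInstanceIdentifier": "payments-prod", "PubliclyAccessible": True,
     "Endpoint": {"Port": 5432}, "VpcSecurityGroups": [{"VpcSecurityGroupId": "sg-open"}]},
    {"DBInstanceIdentifier": "reports", "PubliclyAccessible": True,
     "Endpoint": {"Port": 3306}, "VpcSecurityGroups": [{"VpcSecurityGroupId": "sg-vpc"}]},
    {"DBInstanceIdentifier": "internal", "PubliclyAccessible": False,
     "Endpoint": {"Port": 5432}, "VpcSecurityGroups": [{"VpcSecurityGroupId": "sg-open"}]},
]


def world_open_ports(sg):
    """Ports this security group accepts from any IPv4 or IPv6 address."""
    ports = set()
    for rule in sg.get("IpPermissions", []):
        cidrs = {r.get("CidrIp") for r in rule.get("IpRanges", [])}
        cidrs |= {r.get("CidrIpv6") for r in rule.get("Ipv6Ranges", [])}
        if not cidrs & WORLD:
            continue
        if rule.get("IpProtocol") == "-1":  # "all traffic": no port fields, all open
            return set(range(65536))
        ports.update(range(rule["FromPort"], rule["ToPort"] + 1))
    return ports


def public_instances(dbs):
    """What this finding keys on: instances whose endpoint resolves to a public IP."""
    return [db["DBInstanceIdentifier"] for db in dbs if db.get("PubliclyAccessible")]


def exposed_instances(dbs, sgs):
    """Public instances whose security groups also admit the world on the DB port."""
    open_ports = {sg["GroupId"]: world_open_ports(sg) for sg in sgs}
    return [db["DBInstanceIdentifier"] for db in dbs if db.get("PubliclyAccessible")
            and any(db["Endpoint"]["Port"] in open_ports.get(g["VpcSecurityGroupId"], set())
                    for g in db.get("VpcSecurityGroups", []))]
```

For a live scan, feed the functions the `DBInstances` and `SecurityGroups` lists collected from boto3's `describe_db_instances` and `describe_security_groups` paginators instead of the constructed samples.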

References