Skip to main content

Unrestricted ingress traffic leave assets exposed to remote attacks

  • GG_ID: GG_IAC_0021
  • Severity: HIGH
  • Complexity: LOW
  • Categories: NETWORK
  • Providers: Azure
  • Potential data exposure: True
  • Visible in logs: False
  • User interaction required: True
  • Privileges required: False

Description#

Having open ingress means that your asset is exposed to some hosts on the public internet.

  • If credentials are required to establish a connection, it still leaves open the possibility to bruteforce the credentials, or perform Denial of Service attacks.
  • If no credentials are required, or credentials have been acquired by an attacker, then the asset is fully compromised.

Impact#

  • Denial of service
  • Possible exploitation of existing vulnerabilities

Remediation guidelines#

Only allow private addresses in the CIDR range.

External documentation#