Unrestricted ingress traffic leave assets exposed to remote attacks
- GG_ID: GG_IAC_0021
- Severity: HIGH
- Complexity: LOW
- Categories: NETWORK
- Providers: Azure
- Potential data exposure: True
- Visible in logs: False
- User interaction required: True
- Privileges required: False
Having open ingress means that your asset is exposed to some hosts on the public internet.
- If credentials are required to establish a connection, it still leaves open the possibility to bruteforce the credentials, or perform Denial of Service attacks.
- If no credentials are required, or credentials have been acquired by an attacker, then the asset is fully compromised.
- Denial of service
- Possible exploitation of existing vulnerabilities
Only allow private addresses in the CIDR range.