Traffic to /0. allowed in firewall outbound rule

Severity	Exploitability	Providers	Categories
CRITICAL	HIGH	Google Cloud Provider	NETWORK

Description

Firewall egress filtering dictates allowed traffic initiated inside the local network and destined for a remote network.

By allowing traffic to /0. all outgoing traffic are authorized. This includes protocoles that should never be allowed to leave a local network and traffic using unplanned port.

In general, it is good practice to avoid very broad network subnet in firewall rules.

Impact

Potential data exposure	Visible in logs	User interaction required	Privileges required
True	True	False	False

Information leaks.
Unauthorized application usage.
Compromised instances.

Remediation guidelines

Define a more restrictive firewall egress rule. A log review for exfiltrated data may be relevant.

References

Google Cloud Documentation - Use VPC firewall rules
Google Cloud Documentation - Ingress and egress rules

Traffic to /0. allowed in firewall outbound rule

Description

Impact

Remediation guidelines

References

Was this page helpful?

Something we didn’t cover?

See our Roadmap

Subscribe on GitHub

Submit a request

API status

Traffic to /0. allowed in firewall outbound rule

Description​

Impact​

Remediation guidelines​

References​

Was this page helpful?

Something we didn’t cover?

See our Roadmap

Subscribe on GitHub

Submit a request

API status

Subscribe to our newsletter

Description

Impact

Remediation guidelines

References