# Traffic from /0 allowed in firewall inbound rule

| Severity | Exploitability | Providers | Categories |
|---|---|---|---|
| CRITICAL | HIGH | Google Cloud Provider | NETWORK |
## Description

Firewall ingress filtering dictates which traffic initiated outside the local network and destined for the local network is allowed. It is considered the first line of defense in a network security strategy.

A rule that allows traffic from a /0 source range (a prefix length of zero matches every possible source address) authorizes all incoming traffic, including unauthorized, suspicious and harmful traffic.

In general, it is good practice to avoid very broad network subnets in firewall rules.
## Impact

| Potential data exposure | Visible in logs | User interaction required | Privileges required |
|---|---|---|---|
| True | True | False | False |
- Suspicious traffic is not filtered.
- Unauthorized instance access.
- Exposure to Distributed Denial of Service (DDoS) attacks.
## Remediation guidelines

Define a more restrictive firewall ingress rule, limiting the source range to the networks that actually need access. A review of the firewall logs may be relevant to find any unwanted connection that the open rule has been admitting.
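To make the finding concrete, the following added example (not part of the original page or of any vendor tool) shows how a defender can scan exported Google Cloud firewall rules for ingress rules whose source range is a /0. The rule records are a constructed sample whose field names (`name`, `direction`, `sourceRanges`, `allowed`, `disabled`) follow the shape of the Compute API firewall resource, as returned for instance by `gcloud compute firewall-rules list --format=json`; the values themselves are made up. Egress rules are ignored, disabled rules are skipped unless asked for, and both `0.0.0.0/0` and `::/0` are treated as unrestricted.

```python
import ipaddress

# Constructed sample data: the field names mirror the GCP Compute API firewall
# resource, but every rule below is invented for this example.
SAMPLE_RULES = [
    {"name": "allow-ssh-anywhere", "direction": "INGRESS",
     "sourceRanges": ["0.0.0.0/0"],
     "allowed": [{"IPProtocol": "tcp", "ports": ["22"]}], "disabled": False},
    {"name": "allow-https-anywhere", "direction": "INGRESS",
     "sourceRanges": ["0.0.0.0/0"],
     "allowed": [{"IPProtocol": "tcp", "ports": ["443"]}], "disabled": False},
    {"name": "allow-internal", "direction": "INGRESS",
     "sourceRanges": ["10.0.0.0/8"],
     "allowed": [{"IPProtocol": "all"}], "disabled": False},
    {"name": "allow-v6-anywhere", "direction": "INGRESS",
     "sourceRanges": ["::/0"],
     "allowed": [{"IPProtocol": "tcp", "ports": ["3389"]}], "disabled": False},
    {"name": "old-open-rule", "direction": "INGRESS",
     "sourceRanges": ["0.0.0.0/0"],
     "allowed": [{"IPProtocol": "all"}], "disabled": True},
    {"name": "egress-anywhere", "direction": "EGRESS",
     "destinationRanges": ["0.0.0.0/0"],
     "allowed": [{"IPProtocol": "all"}], "disabled": False},
]


def unrestricted(cidr: str) -> bool:
    """True when the range has a prefix length of 0, i.e. it matches every
    source address (covers both 0.0.0.0/0 and ::/0)."""
    return ipaddress.ip_network(cidr, strict=False).prefixlen == 0


def describe_allowed(rule: dict) -> str:
    """Summarise the protocols/ports a rule admits, e.g. 'tcp:22' or 'all'."""
    parts = []
    for entry in rule.get("allowed", []):
        proto = entry.get("IPProtocol", "?")
        ports = entry.get("ports")
        parts.append(f"{proto}:{','.join(ports)}" if ports else proto)
    return " ".join(parts) or "none"


def find_open_ingress(rules: list, include_disabled: bool = False) -> list:
    """Return one finding per ingress rule that lists a /0 source range.

    Rules that use only sourceTags or sourceServiceAccounts have no
    sourceRanges key and are therefore never flagged here.
    """
    findings = []
    for rule in rules:
        # The API treats a missing direction as INGRESS.
        if rule.get("direction", "INGRESS") != "INGRESS":
            continue
        if rule.get("disabled") and not include_disabled:
            continue
        open_ranges = [r for r in rule.get("sourceRanges", []) if unrestricted(r)]
        if open_ranges:
            findings.append({
                "name": rule["name"],
                "sourceRanges": open_ranges,
                "allowed": describe_allowed(rule),
            })
    return findings


if __name__ == "__main__":
    for finding in find_open_ingress(SAMPLE_RULES):
        print(f"CRITICAL ingress from {finding['sourceRanges']}: "
              f"{finding['name']} allows {finding['allowed']}")
```

Running the script lists the three enabled rules that admit traffic from any address; each one is a candidate for tightening the source range to the specific networks that need access, and its name is the value to search for in the firewall logs when reviewing past connections.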