SYM_CONF_0044 - SymbioticSec/Symbiotic-Vulnerability-Database GitHub Wiki
Improper Access Control
| Property | Value |
|---|---|
| Language |  |
| Severity |  |
| CWE | CWE-284: Improper Access Control |
| OWASP | A05:2017 - Broken Access Control |
| Confidence Level | Low |
| Impact Level | Low |
| Likelihood Level | Low |
Description
The MariaDB server is configured to allow public network access, which exposes the database to the internet. This increases the risk of unauthorized access or attacks from external sources.
Impact
If public access is enabled, attackers could potentially connect to the database from anywhere, leading to data breaches, unauthorized data manipulation, or service disruption. This exposure puts sensitive data and resources at risk of compromise.