SYM_CONF_0052 - SymbioticSec/Symbiotic-Vulnerability-Database GitHub Wiki
Improper Access Control
| Property | Value |
|---|---|
| Language |  |
| Severity |  |
| CWE | CWE-284: Improper Access Control |
| OWASP | A05:2017 - Broken Access Control |
| Confidence Level | Low |
| Impact Level | Low |
| Likelihood Level | Low |
Description
The PostgreSQL server is configured with public network access enabled, allowing anyone on the internet to attempt to connect. This setting exposes the database to unauthorized access and increases the risk of attacks.
Impact
If exploited, attackers could connect to the database from anywhere, potentially leading to data breaches, unauthorized data manipulation, or service disruption. This exposure can compromise sensitive information and undermine the security of your cloud environment.