SYM_CONF_0064 - SymbioticSec/Symbiotic-Vulnerability-Database GitHub Wiki
Improper Access Control
| Property | Value |
|---|---|
| Language |  |
| Severity |  |
| CWE | CWE-284: Improper Access Control |
| OWASP | A05:2017 - Broken Access Control |
| Confidence Level | Low |
| Impact Level | Low |
| Likelihood Level | Low |
Description
The MySQL server is configured to allow public network access, meaning anyone on the internet can attempt to connect. This exposes the database to unauthorized access and increases the risk of attacks.
Impact
If public access is enabled, attackers could discover and attempt to exploit your MySQL server, leading to potential data breaches, data loss, or unauthorized data manipulation. This can compromise sensitive information and disrupt business operations.