SYM_CONF_0107 - SymbioticSec/Symbiotic-Vulnerability-Database GitHub Wiki
Improper Access Control
| Property | Value |
|---|---|
| Language |  |
| Severity |  |
| CWE | CWE-284: Improper Access Control |
| OWASP | A05:2017 - Broken Access Control |
| Confidence Level | Low |
| Impact Level | Low |
| Likelihood Level | Low |
Description
The storage account's network rules do not allow trusted Microsoft services (like Azure Backup or Azure Monitoring) to bypass network restrictions. This can cause essential Microsoft services to be blocked from accessing the storage account.
Impact
If trusted Microsoft services cannot bypass network rules, critical features like backups, logging, or monitoring may fail. This can lead to operational issues, data loss, or reduced visibility into security events, impacting the reliability and supportability of your cloud resources.