SYM_CONF_0118 - SymbioticSec/Symbiotic-Vulnerability-Database GitHub Wiki
Improper Access Control
| Property | Value |
|---|---|
| Language |  |
| Severity |  |
| CWE | CWE-284: Improper Access Control |
| OWASP | A05:2017 - Broken Access Control |
| Confidence Level | Low |
| Impact Level | Low |
| Likelihood Level | Low |
Description
Enabling IP forwarding on an Azure Network Interface allows the VM to route network traffic that is not intended for it. This can inadvertently turn the VM into a gateway or allow unauthorized packet forwarding within your network.
Impact
If exploited, attackers could use the VM to reroute or intercept traffic, bypassing network security controls and potentially exposing sensitive data or enabling lateral movement within your cloud environment.