SYM_CONF_0194 - SymbioticSec/Symbiotic-Vulnerability-Database GitHub Wiki
Improper Access Control
| Property | Value |
|---|---|
| Language |  |
| Severity |  |
| CWE | CWE-284: Improper Access Control |
| OWASP | A05:2017 - Broken Access Control |
| Confidence Level | Low |
| Impact Level | Low |
| Likelihood Level | Low |
Description
The Data Fusion instance is not configured as a private instance, which means it is accessible from the public internet. This increases the risk of unauthorized access to your data and services.
Impact
If left public, attackers could potentially discover and access the Data Fusion instance, leading to data exposure, service disruptions, or misuse of resources. This could compromise sensitive information and violate security or compliance requirements.