SYM_CONF_0298 - SymbioticSec/Symbiotic-Vulnerability-Database GitHub Wiki
Improper Access Control
| Property | Value |
|---|---|
| Language |  |
| Severity |  |
| CWE | CWE-284: Improper Access Control |
| OWASP | A01:2021 - Broken Access Control |
| Confidence Level | Medium |
| Impact Level | Medium |
| Likelihood Level | Low |
Description
The subnet configuration assigns public IP addresses to resources by default, making them directly accessible from the internet. This increases the risk of unauthorized access if resources are not properly secured.
Impact
If exploited, attackers could connect to exposed resources such as servers or databases, potentially leading to data breaches, service disruption, or unauthorized control over your infrastructure. Publicly accessible resources are a common entry point for cyberattacks.