TF 0024 - SymbioticSec/Symbiotic-Vulnerability-Database GitHub Wiki
An inbound firewall rule allows traffic from /0.
Property | Value |
---|---|
Language | |
Severity | |
Service | compute |
Provider | |
Vulnerability Type | omission |
Description
The firewall rule is configured to allow incoming traffic from any IP address (0.0.0.0/0), making the resource accessible from the entire internet. This broad source range bypasses network segmentation and exposes the service to potential unauthorized access.
Impact
Exposing ports to the public internet significantly increases the risk of external attacks, such as unauthorized access, data breaches, or exploitation of service vulnerabilities. Attackers could scan and target open ports, potentially compromising sensitive systems or data.
Resolution
Set a more restrictive CIDR range.
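
One way to catch this before apply, as an added example that is not part of the original entry or the project's own check: it scans the JSON form of a Terraform plan for inbound firewall rules whose source has prefix length 0, covering IPv6 (`::/0`) as well as `0.0.0.0/0`. The resource type `google_compute_firewall` and its `direction` / `source_ranges` attributes are assumptions, since the entry does not name a provider, and the plan data is constructed.

```python
import ipaddress
import json

# Constructed sample shaped like `terraform show -json <planfile>` output.
# Assumption: rules are google_compute_firewall resources (provider not named on the page).
SAMPLE_PLAN = json.loads("""
{"resource_changes": [
  {"address": "google_compute_firewall.web", "type": "google_compute_firewall",
   "change": {"after": {"direction": "INGRESS", "source_ranges": ["0.0.0.0/0"]}}},
  {"address": "google_compute_firewall.v6", "type": "google_compute_firewall",
   "change": {"after": {"source_ranges": ["2001:db8::/32", "::/0"]}}},
  {"address": "google_compute_firewall.office", "type": "google_compute_firewall",
   "change": {"after": {"direction": "INGRESS", "source_ranges": ["203.0.113.0/24"]}}},
  {"address": "google_compute_firewall.out", "type": "google_compute_firewall",
   "change": {"after": {"direction": "EGRESS", "destination_ranges": ["0.0.0.0/0"]}}},
  {"address": "google_compute_firewall.old", "type": "google_compute_firewall",
   "change": {"after": null}}
]}
""")

FIREWALL_TYPE = "google_compute_firewall"  # assumed resource type


def is_any_source(cidr):
    """True when the CIDR has prefix length 0, i.e. it matches every address."""
    try:
        return ipaddress.ip_network(cidr, strict=False).prefixlen == 0
    except (ValueError, TypeError):
        return False  # not a CIDR literal (for example an unresolved value)


def find_open_ingress(plan):
    """Return (resource address, cidr) for each inbound rule open to /0."""
    findings = []
    for rc in plan.get("resource_changes", []):
        after = (rc.get("change") or {}).get("after")
        if rc.get("type") != FIREWALL_TYPE or not after:
            continue  # other resource types, or a rule being destroyed
        # A rule with no explicit direction is treated as inbound.
        if (after.get("direction") or "INGRESS").upper() != "INGRESS":
            continue
        for cidr in after.get("source_ranges") or []:
            if is_any_source(cidr):
                findings.append((rc["address"], cidr))
    return findings


if __name__ == "__main__":
    for address, cidr in find_open_ingress(SAMPLE_PLAN):
        print(f"{address}: inbound rule allows traffic from {cidr}")
```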