TF 0054 - SymbioticSec/Symbiotic-Vulnerability-Database GitHub Wiki
An inbound network security rule allows traffic from /0.
Property | Value |
---|---|
Language | |
Severity | |
Service | network |
Provider | Azure |
Vulnerability Type | misconfiguration |
Description
The network security rule is configured to allow inbound traffic from any IP address (0.0.0.0/0), exposing the resource to the entire internet. This overly broad rule bypasses network segmentation and makes the resource accessible to unauthorized parties.
Impact
If exploited, attackers anywhere on the internet can reach the exposed port, increasing the risk of unauthorized access, data breaches, and service disruption. This significantly elevates the attack surface and can lead to compromise of sensitive systems or data within the Azure environment.
Resolution
Set a more restrictive CIDR range.
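
The flagged setting beside a restricted one, as an added Terraform example that is not part of the original wiki entry. It assumes the azurerm provider; the resource names, location, port 22 and the 203.0.113.0/24 documentation range are constructed placeholders.

```hcl
# Constructed example: all names, the location, the port and the CIDR are placeholders.
resource "azurerm_resource_group" "example" {
  name     = "example-rg"
  location = "westeurope"
}

resource "azurerm_network_security_group" "example" {
  name                = "example-nsg"
  location            = azurerm_resource_group.example.location
  resource_group_name = azurerm_resource_group.example.name
}

# Weak: inbound rule whose source is 0.0.0.0/0, so any address can reach the port.
# In Azure a source of "*" has the same reach.
resource "azurerm_network_security_rule" "ssh_open" {
  name                        = "allow-ssh-any"
  priority                    = 100
  direction                   = "Inbound"
  access                      = "Allow"
  protocol                    = "Tcp"
  source_port_range           = "*"
  destination_port_range      = "22"
  source_address_prefix       = "0.0.0.0/0"
  destination_address_prefix  = "*"
  resource_group_name         = azurerm_resource_group.example.name
  network_security_group_name = azurerm_network_security_group.example.name
}

# Corrected: same rule with the source limited to a known range.
# This replaces the rule above; it is not meant to be deployed alongside it.
resource "azurerm_network_security_rule" "ssh_restricted" {
  name                        = "allow-ssh-admin-range"
  priority                    = 110
  direction                   = "Inbound"
  access                      = "Allow"
  protocol                    = "Tcp"
  source_port_range           = "*"
  destination_port_range      = "22"
  source_address_prefix       = "203.0.113.0/24" # placeholder for the trusted range
  destination_address_prefix  = "*"
  resource_group_name         = azurerm_resource_group.example.name
  network_security_group_name = azurerm_network_security_group.example.name
}
```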