TF 0080 - SymbioticSec/Symbiotic-Vulnerability-Database GitHub Wiki

An ingress security group rule allows traffic from /0.

| Property | Value |
| --- | --- |
| Language | terraform |
| Severity | critical |
| Service | computing |
| Provider | Nifcloud |
| Vulnerability Type | misconfiguration |

Description

The security group rule allows incoming traffic from any IP address (0.0.0.0/0), exposing resources directly to the public internet without restriction. This configuration fails to limit access to trusted sources.

Impact

Unrestricted public exposure enables attackers anywhere to scan for open ports, launch attacks, exploit vulnerabilities, or gain unauthorized access, potentially leading to data breaches, service disruption, or full compromise of the affected systems.

Resolution

Set a more restrictive CIDR range on the rule, so that ingress is limited to trusted sources.
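
The rule this check flags, next to a corrected form, as an added example (not taken from the wiki or from the Nifcloud provider documentation). The resource names, the port, the `trusted_cidr` variable and the 203.0.113.0/24 range are constructed for illustration; provider configuration is assumed to exist elsewhere.

```hcl
# Added example; names, port and addresses are constructed.

variable "trusted_cidr" {
  type        = string
  description = "Source range allowed to reach SSH (e.g. office or VPN egress)."
  default     = "203.0.113.0/24" # documentation range, replace with your own

  validation {
    # Must parse as a CIDR block and must not be a /0 (any-address) range.
    condition     = can(cidrhost(var.trusted_cidr, 0)) && !can(regex("/0$", var.trusted_cidr))
    error_message = "The trusted_cidr value must be a valid CIDR block narrower than /0."
  }
}

resource "nifcloud_security_group" "app" {
  group_name  = "appsg"
  description = "Application servers"
}

# Before: flagged by this check. Ingress is open to every IPv4 address.
resource "nifcloud_security_group_rule" "ssh_open" {
  security_group_names = [nifcloud_security_group.app.group_name]
  type                 = "IN"
  protocol             = "TCP"
  from_port            = 22
  to_port              = 22
  cidr_ip              = "0.0.0.0/0"
}

# After: same port, but only the validated trusted range may connect.
# This resource replaces ssh_open; do not keep both in one configuration.
resource "nifcloud_security_group_rule" "ssh_trusted" {
  security_group_names = [nifcloud_security_group.app.group_name]
  type                 = "IN"
  protocol             = "TCP"
  from_port            = 22
  to_port              = 22
  cidr_ip              = var.trusted_cidr
}
```

The `validation` block makes `terraform plan` fail if someone later passes a /0 range through the variable, so the restriction survives changes to variable files and CI overrides.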