TF 0135 - SymbioticSec/Symbiotic-Vulnerability-Database GitHub Wiki
SSH access should not be accessible from the Internet, should be blocked on port 22
| Property | Value |
|---|---|
| Language |  |
| Severity |  |
| Service | network |
| Provider | Azure |
| Vulnerability Type | misconfiguration |
Description
The network security group allows inbound SSH (port 22) connections from any IP address, exposing SSH access to the entire internet. This configuration makes remote server management interfaces publicly accessible and highly susceptible to unauthorized access attempts.
Impact
Unrestricted internet access to SSH can enable attackers to attempt brute-force attacks, exploit vulnerabilities, or gain unauthorized control over cloud resources. This may lead to data breaches, service disruption, or further compromise of the organization's Azure environment.
Resolution
Block port 22 access from the internet