TF 0336 - SymbioticSec/Symbiotic-Vulnerability-Database GitHub Wiki

Load balancer is exposed to the internet.

| Property | Value |
| --- | --- |
| Language | terraform |
| Severity | high |
| Service | elb |
| Provider | AWS |
| Vulnerability Type | omission |

Description

The load balancer is configured to be publicly accessible from the internet, which may unintentionally expose internal resources or services to external access. This misconfiguration increases the attack surface if the load balancer is not intended for public use.

Impact

External attackers could directly access services behind the load balancer, potentially leading to data exposure, unauthorized actions, or further network compromise. This exposure increases the risk of exploitation and can undermine the security of internal systems.

Resolution

Switch to an internal load balancer, or add a tfsec ignore if the load balancer is intended to be public.
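
The following Terraform is an added example, not taken from the original page or the tfsec project. It shows a configuration this rule would flag beside the two resolutions named above. The resource names, variables and load balancer names are hypothetical, and the ignore ID `aws-elb-alb-not-public` is the upstream tfsec ID for this check, assumed here to be the one your scanner reports.

```terraform
# Added example: all names and variables below are hypothetical.
variable "public_subnet_ids" { type = list(string) }
variable "private_subnet_ids" { type = list(string) }
variable "lb_security_group_ids" { type = list(string) }

# Flagged: "internal" is omitted, and the AWS provider defaults it to false,
# so the load balancer is created internet-facing.
resource "aws_lb" "orders_flagged" {
  name               = "orders-api"
  load_balancer_type = "application"
  subnets            = var.public_subnet_ids
  security_groups    = var.lb_security_group_ids
}

# Resolution 1: make the load balancer internal and place it in private
# subnets, so it is reachable only from inside the VPC or connected networks.
resource "aws_lb" "orders_internal" {
  name               = "orders-api-internal"
  internal           = true
  load_balancer_type = "application"
  subnets            = var.private_subnet_ids
  security_groups    = var.lb_security_group_ids
}

# Resolution 2: the load balancer is meant to be public (for example, a
# customer-facing site). State that explicitly and suppress the finding on
# this resource only, with a comment recording why.
# Public by design: serves the marketing site.
#tfsec:ignore:aws-elb-alb-not-public
resource "aws_lb" "website_public" {
  name               = "website"
  internal           = false
  load_balancer_type = "application"
  subnets            = var.public_subnet_ids
  security_groups    = var.lb_security_group_ids
}
```

Setting `internal = false` explicitly on an intentionally public load balancer does not silence the finding on its own; it documents intent for reviewers, while the ignore comment is what suppresses the check.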