TF 0418 - SymbioticSec/Symbiotic-Vulnerability-Database GitHub Wiki
An outbound network security rule allows traffic to a /0 CIDR range.
Property | Value |
---|---|
Language | |
Severity | |
Service | network |
Provider | Azure |
Vulnerability Type | misconfiguration |
Description
The outbound network security rule is configured to allow traffic to all IP addresses (0.0.0.0/0), which creates an unrestricted egress path from resources in the network. This overly broad rule exposes the environment to potential data exfiltration and unauthorized external communications.
Impact
If exploited, attackers or compromised resources could send data to any external destination, bypassing network controls and potentially leaking sensitive information. This significantly increases the risk of data breaches, command-and-control communication, and regulatory non-compliance.
Resolution
Set a more restrictive CIDR range on the rule's destination instead of 0.0.0.0/0.
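The following Terraform sketch shows the flagged rule beside a narrowed replacement. It is an added example, not taken from the Symbiotic database or its scanner. The resource group and NSG names, the subnet, and the `203.0.113.0/24` destination are constructed placeholders.

```hcl
# Flagged: outbound Allow rule whose destination is every IPv4 address.
resource "azurerm_network_security_rule" "egress_any" {
  name                        = "allow-egress-any"
  priority                    = 100
  direction                   = "Outbound"
  access                      = "Allow"
  protocol                    = "*"
  source_port_range           = "*"
  destination_port_range      = "*"
  source_address_prefix       = "*"
  destination_address_prefix  = "0.0.0.0/0"
  resource_group_name         = "example-rg"  # placeholder
  network_security_group_name = "example-nsg" # placeholder
}

# Corrected: remove the rule above and allow only the destination, port and
# protocol the workload needs (constructed values, TEST-NET-3 range).
resource "azurerm_network_security_rule" "egress_partner_api" {
  name                        = "allow-egress-partner-api"
  priority                    = 110
  direction                   = "Outbound"
  access                      = "Allow"
  protocol                    = "Tcp"
  source_port_range           = "*"
  destination_port_range      = "443"
  source_address_prefix       = "10.0.1.0/24"
  destination_address_prefix  = "203.0.113.0/24"
  resource_group_name         = "example-rg"
  network_security_group_name = "example-nsg"
}

# Azure's default NSG rules include AllowInternetOutBound (priority 65001),
# so narrowing the Allow rule only takes effect with an explicit deny.
resource "azurerm_network_security_rule" "egress_deny_internet" {
  name                        = "deny-egress-internet"
  priority                    = 4096
  direction                   = "Outbound"
  access                      = "Deny"
  protocol                    = "*"
  source_port_range           = "*"
  destination_port_range      = "*"
  source_address_prefix       = "*"
  destination_address_prefix  = "Internet"
  resource_group_name         = "example-rg"
  network_security_group_name = "example-nsg"
}
```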