TF 0463 - SymbioticSec/Symbiotic-Vulnerability-Database GitHub Wiki

Storage containers in blob storage mode should not have public access

| Property | Value |
| --- | --- |
| Language | terraform |
| Severity | high |
| Service | storage |
| Provider | Azure |
| Vulnerability Type | misconfiguration |

Description

The configuration allows public access to Azure Blob Storage containers, meaning anyone on the internet can read data stored within them. This exposes potentially sensitive or private files without authentication controls.

Impact

If exploited, attackers can freely access and download data from the storage container, leading to data leaks, exposure of confidential information, compliance violations, and potential reputational or financial damage to the organization.

Resolution

Disable public access to storage containers
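
The resolution above expressed in Terraform, as an added example that is not part of the original rule entry. It assumes the azurerm provider (3.x or later); the resource names, location and labels (`example`, `reports`) are hypothetical.

```terraform
# Added example; resource names, location and labels are hypothetical.

resource "azurerm_resource_group" "example" {
  name     = "rg-storage-example"
  location = "westeurope"
}

resource "azurerm_storage_account" "example" {
  name                     = "stexamplereports" # constructed name
  resource_group_name      = azurerm_resource_group.example.name
  location                 = azurerm_resource_group.example.location
  account_tier             = "Standard"
  account_replication_type = "LRS"

  # Account-level guard: no container in this account can be made public,
  # even if a later change sets container_access_type to "blob" or "container".
  allow_nested_items_to_be_public = false
}

# Non-compliant form (the setting this entry describes), kept as a comment
# so the file still applies cleanly:
#
# resource "azurerm_storage_container" "reports" {
#   name                  = "reports"
#   storage_account_name  = azurerm_storage_account.example.name
#   container_access_type = "blob" # anonymous read access to every blob
# }

# Compliant form: access requires authentication and authorization.
resource "azurerm_storage_container" "reports" {
  name                  = "reports"
  storage_account_name  = azurerm_storage_account.example.name
  container_access_type = "private" # also the provider default when omitted
}
```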