TF 0474 - SymbioticSec/Symbiotic-Vulnerability-Database GitHub Wiki

An ingress db security group rule allows traffic from /0.

| Property | Value |
| --- | --- |
| Language | terraform |
| Severity | critical |
| Service | rdb |
| Provider | Nifcloud |
| Vulnerability Type | misconfiguration |

Description

The security group rule allows inbound connections from any IP address (0.0.0.0/0), exposing the database to the entire internet. This configuration lacks network-level restrictions and permits unrestricted external access.

Impact

Attackers can directly access the database from anywhere on the internet, increasing the risk of unauthorized data access, data breaches, or service disruption. This exposure can lead to significant data loss, compromise of sensitive information, or full takeover of database resources.

Resolution

Set a more restrictive CIDR range.
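
The flagged pattern next to a restricted form, as an added example that is not taken from this database or from the provider's documentation. It assumes the Nifcloud provider's `nifcloud_db_security_group` resource with a `rule` block taking `cidr_ip`, and Terraform 0.13 or later for variable validation; the resource names, group names, zone, variable name and CIDR values are constructed.

```hcl
# Flagged: the rule admits every source address to the DB security group.
resource "nifcloud_db_security_group" "open" {
  group_name        = "dbopen"  # constructed name
  availability_zone = "east-11" # constructed zone

  rule {
    cidr_ip = "0.0.0.0/0"
  }
}

# Restricted: callers must list the networks that need database access.
# The validation rejects malformed CIDRs and any prefix of length 0,
# so the open rule cannot come back through a variable override.
variable "db_allowed_cidrs" {
  description = "Source networks allowed to reach the database (hypothetical variable)."
  type        = list(string)
  default     = ["10.0.1.0/24"] # constructed application subnet

  validation {
    condition = length(var.db_allowed_cidrs) > 0 && alltrue([
      for c in var.db_allowed_cidrs :
      can(cidrhost(c, 0)) && !can(regex("/0$", c))
    ])
    error_message = "Each entry must be a valid CIDR block with a prefix length greater than 0."
  }
}

resource "nifcloud_db_security_group" "restricted" {
  group_name        = "dbapp"   # constructed name
  availability_zone = "east-11" # constructed zone

  # One rule per approved network.
  dynamic "rule" {
    for_each = var.db_allowed_cidrs
    content {
      cidr_ip = rule.value
    }
  }
}
```

With this in place, `terraform plan` fails at variable validation if `db_allowed_cidrs` contains `0.0.0.0/0`, before any rule is created.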