TF 0488 - SymbioticSec/Symbiotic-Vulnerability-Database GitHub Wiki
An ingress Network ACL rule allows specific ports from /0.
Property | Value |
---|---|
Language | |
Severity | |
Service | ec2 |
Provider | AWS |
Vulnerability Type | misconfiguration |
Description
The Network ACL rule permits inbound traffic on specific ports from any IPv4 address (`0.0.0.0/0`), exposing those ports to the entire internet. Because a network ACL is evaluated at the subnet boundary and is stateless, such a rule applies to every network interface in the associated subnets and is not narrowed by instance-level state; it only limits traffic further if a security group on the instance does so. The same exposure exists for an IPv6 rule whose source is `::/0`. A source CIDR this broad places no restriction on which networks may reach sensitive services.
Impact
Attackers can scan and attempt unauthorized access to any service listening on the exposed ports (such as SSH on 22 or RDP on 3389) on every instance in the subnet, increasing the risk of brute-force attacks, exploitation of vulnerabilities in those services, or unauthorized entry into the AWS environment. This can lead to data breaches, service disruption, or full compromise of cloud resources.
Resolution
Set a more restrictive CIDR range on the rule: limit the source to the networks that actually need the port (for example a corporate VPN or bastion range), and apply the same restriction to any matching `::/0` IPv6 rule. If a port does not need to be reachable from outside the VPC at all, remove the rule rather than narrowing it.
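The following Terraform configuration, added here as an illustration and not taken from the vulnerability database or from any project, shows the flagged pattern next to its corrected form. The VPC, the ACL name `app`, the variable `admin_cidr` and the `203.0.113.0/24` source range (a documentation range standing in for a corporate VPN egress block) are all assumptions for the example.

```hcl
# Constructed example: a VPC with one network ACL that the rules below attach to.
resource "aws_vpc" "main" {
  cidr_block = "10.0.0.0/16"
}

resource "aws_network_acl" "app" {
  vpc_id = aws_vpc.main.id
}

# VULNERABLE: SSH is allowed from every IPv4 address at the subnet boundary.
# This is the shape of rule the check reports.
resource "aws_network_acl_rule" "ssh_in_open" {
  network_acl_id = aws_network_acl.app.id
  rule_number    = 100
  egress         = false
  protocol       = "tcp"
  rule_action    = "allow"
  cidr_block     = "0.0.0.0/0" # source is /0 on a specific port
  from_port      = 22
  to_port        = 22
}

# Assumed administrative source range; in practice a VPN or bastion egress block.
variable "admin_cidr" {
  type    = string
  default = "203.0.113.0/24"
}

# FIXED: the same port, but only reachable from the administrative range.
resource "aws_network_acl_rule" "ssh_in_restricted" {
  network_acl_id = aws_network_acl.app.id
  rule_number    = 100
  egress         = false
  protocol       = "tcp"
  rule_action    = "allow"
  cidr_block     = var.admin_cidr
  from_port      = 22
  to_port        = 22
}

# Network ACLs are stateless, so replies to the SSH session must be allowed
# out explicitly. Keep that egress rule as narrow as the ingress rule: it
# covers the ephemeral port range, but only toward the same source range.
resource "aws_network_acl_rule" "ssh_reply_out" {
  network_acl_id = aws_network_acl.app.id
  rule_number    = 100
  egress         = true
  protocol       = "tcp"
  rule_action    = "allow"
  cidr_block     = var.admin_cidr
  from_port      = 1024
  to_port        = 65535
}
```

Only one of the two ingress resources would exist in a real configuration; they are shown side by side with the same `rule_number` to make the single changed attribute (`cidr_block`) obvious. An IPv6 rule uses `ipv6_cidr_block` instead of `cidr_block`, and a value of `::/0` there is the same exposure and should be narrowed in the same way.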