TF 0490 - SymbioticSec/Symbiotic-Vulnerability-Database GitHub Wiki
RDS Publicly Accessible
| Property | Value |
|---|---|
| Language | |
| Severity | |
| Service | rds |
| Provider | aws |
| Vulnerability Type | misconfiguration |
Description
RDS database instances are configured to be publicly accessible, exposing their endpoints to the internet. This setting allows external connections to the database from outside the AWS network, increasing the risk of unauthorized access.
Impact
If exploited, attackers could connect directly to the database over the internet, potentially leading to data breaches, unauthorized data manipulation, or service disruption. Public exposure makes sensitive information vulnerable and increases the attack surface for the organization.
Resolution
Disable public accessibility on the RDS instance so that it no longer exposes a public endpoint.
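
The flagged setting beside a corrected one, as an added example that is not the rule's or the project's own code. It assumes the instance is managed with the Terraform AWS provider; the variable names, resource names and PostgreSQL engine are hypothetical.

```hcl
# Assumed inputs (hypothetical names, not from the page).
variable "private_subnet_ids" { type = list(string) }
variable "vpc_id"             { type = string }
variable "app_sg_id"          { type = string }

# Flagged: the instance is given a publicly resolvable endpoint.
resource "aws_db_instance" "exposed" {
  identifier                  = "example-exposed"
  engine                      = "postgres"
  instance_class              = "db.t3.micro"
  allocated_storage           = 20
  username                    = "appuser"
  manage_master_user_password = true
  publicly_accessible         = true # the misconfiguration
  skip_final_snapshot         = true # example only
}

# Corrected: private subnets, ingress only from the application tier.
resource "aws_db_subnet_group" "private" {
  name       = "example-private"
  subnet_ids = var.private_subnet_ids
}

resource "aws_security_group" "db" {
  name   = "example-db"
  vpc_id = var.vpc_id

  ingress {
    from_port       = 5432
    to_port         = 5432
    protocol        = "tcp"
    security_groups = [var.app_sg_id] # no CIDR-based ingress
  }
}

resource "aws_db_instance" "private" {
  identifier                  = "example-private"
  engine                      = "postgres"
  instance_class              = "db.t3.micro"
  allocated_storage           = 20
  username                    = "appuser"
  manage_master_user_password = true
  publicly_accessible         = false
  db_subnet_group_name        = aws_db_subnet_group.private.name
  vpc_security_group_ids      = [aws_security_group.db.id]
  skip_final_snapshot         = true # example only
}
```

Setting `publicly_accessible = false` removes the public endpoint; the private subnet group and the security group scoped to the application tier keep the instance unreachable from the internet even if the flag is later changed by mistake.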