Improper Access Control
| Property | |
|---|---|
| Language |  |
| Severity |  |
| CWE | CWE-284: Improper Access Control |
| OWASP | A05:2017 - Broken Access Control |
| Confidence Level | Low |
| Impact Level | Low |
| Likelihood Level | Low |
Description#
The Azure File Sync resource is configured to allow public network access, meaning it can be reached from any internet location. This lacks proper access controls and exposes your storage to unauthorized users.
Impact#
If exploited, attackers could access, modify, or delete files stored in Azure File Sync from outside your trusted network. This could lead to data breaches, data loss, or compliance violations.