Improper Access Control
| Property | |
|---|---|
| Language |  |
| Severity |  |
| CWE | CWE-284: Improper Access Control |
| OWASP | A05:2017 - Broken Access Control |
| Confidence Level | Low |
| Impact Level | Low |
| Likelihood Level | Low |
Description#
The Azure IoT Hub resource is configured to allow public network access, making it reachable from the internet. This exposure increases the risk of unauthorized access to your IoT Hub.
Impact#
If public network access is enabled, attackers could attempt to connect to your IoT Hub from anywhere, potentially leading to data leaks, device manipulation, or disruption of IoT services. Restricting access helps protect sensitive IoT devices and data from external threats.