Improper Access Control
| Property | |
|---|---|
| Language |  |
| Severity |  |
| CWE | CWE-284: Improper Access Control |
| OWASP | A05:2017 - Broken Access Control |
| Confidence Level | Low |
| Impact Level | Low |
| Likelihood Level | Low |
Description#
The SQL server is configured to allow public network access, which exposes the database to the internet. This increases the risk of unauthorized access or attacks from external sources.
Impact#
If public access is enabled, attackers could attempt to connect to the SQL server from anywhere, potentially leading to data breaches, data loss, or service disruptions. This exposure makes it easier for malicious actors to exploit weak credentials or vulnerabilities in the database server.