Improper Access Control
| Property | |
|---|---|
| Language |  |
| Severity |  |
| CWE | CWE-284: Improper Access Control |
| OWASP | A05:2017 - Broken Access Control |
| Confidence Level | Low |
| Impact Level | Low |
| Likelihood Level | Low |
Description#
Enabling IP forwarding on an Azure Network Interface allows the VM to route network traffic that is not intended for it. This can inadvertently turn the VM into a gateway or allow unauthorized packet forwarding within your network.
Impact#
If exploited, attackers could use the VM to reroute or intercept traffic, bypassing network security controls and potentially exposing sensitive data or enabling lateral movement within your cloud environment.