Improper Access Control
| Property | |
|---|---|
| Language |  |
| Severity |  |
| CWE | CWE-284: Improper Access Control |
| OWASP | A05:2017 - Broken Access Control |
| Confidence Level | Low |
| Impact Level | Low |
| Likelihood Level | Low |
Description#
The Cloud Build worker pool is configured to allow external IP addresses, which means build VMs can be accessed from the public internet. This exposes your build infrastructure to potential unauthorized access.
Impact#
Attackers could exploit the public exposure to gain access to your build environment, potentially stealing sensitive code, injecting malicious changes, or disrupting builds. This threatens the security and integrity of your CI/CD pipeline and could lead to broader compromises across your cloud resources.