Improper Access Control
| Property | |
|---|---|
| Language |  |
| Severity |  |
| CWE | CWE-284: Improper Access Control |
| OWASP | A01:2021 - Broken Access Control |
| Confidence Level | Medium |
| Impact Level | Medium |
| Likelihood Level | Low |
Description#
The subnet configuration assigns public IP addresses to resources by default, making them directly accessible from the internet. This increases the risk of unauthorized access if resources are not properly secured.
Impact#
If exploited, attackers could connect to exposed resources such as servers or databases, potentially leading to data breaches, service disruption, or unauthorized control over your infrastructure. Publicly accessible resources are a common entry point for cyberattacks.