Exposure of Sensitive Information to an Unauthorized Actor
| Property | |
|---|---|
| Language |  |
| Severity |  |
| CWE | CWE-200: Exposure of Sensitive Information to an Unauthorized Actor |
| OWASP | A01:2021 - Broken Access Control |
| Confidence Level | High |
| Impact Level | Medium |
| Likelihood Level | Low |
Description#
The server is configured to listen on all network interfaces (0.0.0.0 or an empty address), which can unintentionally make it accessible from any network, including the public internet. This increases the risk of unauthorized users connecting to your service.
Impact#
If exploited, attackers could discover and access the server from outside trusted networks, potentially exposing sensitive data or internal functionality. This could lead to data breaches, unauthorized access, or further compromise of your application and infrastructure.