An ingress security group rule allows traffic from /0.
| Property | |
|---|---|
| Language |  |
| Severity |  |
| Service | computing |
| Provider | Nifcloud |
| Vulnerability Type | misconfiguration |
Description#
The security group rule allows incoming traffic from any IP address (0.0.0.0/0), exposing resources directly to the public internet without restriction. This configuration fails to limit access to trusted sources.
Impact#
Unrestricted public exposure enables attackers anywhere to scan for open ports, launch attacks, exploit vulnerabilities, or gain unauthorized access, potentially leading to data breaches, service disruption, or full compromise of the affected systems.
Resolution#
Set a more restrictive cidr range