Missing security group for vpnGateway.
| Property | |
|---|---|
| Language |  |
| Severity |  |
| Service | network |
| Provider | Nifcloud |
| Vulnerability Type | omission |
Description#
The vpnGateway resource is missing an associated security group, resulting in no network traffic filtering for inbound or outbound connections. This omission exposes the vpnGateway to unrestricted network access.
Impact#
Without a security group, attackers can potentially access, compromise, or disrupt the vpnGateway by exploiting open network ports or protocols, leading to unauthorized access, data breaches, or denial of service impacting the organization’s network security.
Resolution#
Add security group for all vpnGateways