Key vault should have the network acl block specified
| Property | |
|---|---|
| Language | |
| Severity | |
| Service | keyvault |
| Provider | Azure |
| Vulnerability Type | omission |
Description
The Azure Key Vault resource lacks a network ACL configuration, leaving it accessible from any network location. Without specifying network ACLs, unauthorized IPs can connect to the key vault without restriction.
Impact
If exploited, attackers could gain unrestricted network access to sensitive keys and secrets stored in the key vault, increasing the risk of data breaches, credential theft, or compromise of protected resources across the organization.
Resolution
Set a network ACL for the key vault.
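The finding and its fix side by side, as an added example that is not part of the original rule page. It assumes the vault is defined with Terraform's `azurerm` provider; the resource names, region, address range and the `app_subnet_id` variable are constructed placeholders.

```hcl
# Added example: all names, the region and the address range are constructed.
provider "azurerm" {
  features {}
}

data "azurerm_client_config" "current" {}

# Hypothetical input: ID of the subnet that hosts the application.
variable "app_subnet_id" {
  type = string
}

resource "azurerm_resource_group" "example" {
  name     = "rg-kv-example"
  location = "westeurope"
}

# Non-compliant: no network_acls block, so the vault endpoint accepts
# connections from any network.
resource "azurerm_key_vault" "open" {
  name                = "kv-example-open"
  location            = azurerm_resource_group.example.location
  resource_group_name = azurerm_resource_group.example.name
  tenant_id           = data.azurerm_client_config.current.tenant_id
  sku_name            = "standard"
}

# Compliant: network_acls is present, denies by default and lists the
# networks that are allowed to reach the vault.
resource "azurerm_key_vault" "restricted" {
  name                = "kv-example-restricted"
  location            = azurerm_resource_group.example.location
  resource_group_name = azurerm_resource_group.example.name
  tenant_id           = data.azurerm_client_config.current.tenant_id
  sku_name            = "standard"

  network_acls {
    # "Allow" here would leave the vault reachable from every network
    # even though the block is present.
    default_action = "Deny"
    # "AzureServices" lets trusted Azure services through; "None" disables that.
    bypass = "AzureServices"
    # Constructed value from the RFC 5737 documentation range.
    ip_rules = ["203.0.113.0/24"]
    # The subnet needs the Microsoft.KeyVault service endpoint enabled.
    virtual_network_subnet_ids = [var.app_subnet_id]
  }
}
```

When reviewing a plan, check the value of `default_action` as well as the presence of the block.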