A firewall rule allows traffic from/to the public internet
| Property | |
|---|---|
| Language |  |
| Severity |  |
| Service | compute |
| Provider | OpenStack |
| Vulnerability Type | omission |
Description#
A firewall rule is configured to allow network traffic from or to the public internet without restricting source or destination IP addresses. This broad access exposes internal resources to anyone on the internet, rather than limiting connections to trusted IP ranges.
Impact#
If exploited, attackers on the public internet could reach exposed services, increasing the risk of unauthorized access, data breaches, or service disruption. Compromised resources may be used as entry points for lateral movement within the network, leading to further security incidents.
Resolution#
Employ more restrictive firewall rules