An outbound network security rule allows traffic to /0.
| Property | |
|---|---|
| Language | |
| Severity | |
| Service | network |
| Provider | Azure |
| Vulnerability Type | misconfiguration |
Description
The outbound network security rule is configured to allow traffic to all IP addresses (0.0.0.0/0), which creates an unrestricted egress path from resources in the network. This overly broad rule exposes the environment to potential data exfiltration and unauthorized external communications.
Impact
If exploited, attackers or compromised resources could send data to any external destination, bypassing network controls and potentially leaking sensitive information. This significantly increases the risk of data breaches, command-and-control communication, and regulatory non-compliance.
Resolution
Set a more restrictive CIDR range.
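One way to check for this condition before or after tightening the range, as an added example that is not part of the original page or of any scanner's own code: it walks an NSG in the ARM JSON shape (`securityRules[].properties`) and reports outbound Allow rules whose destination covers every address. The sample NSG is constructed, and treating `*` and the `Internet` service tag as equivalent to /0 is an assumption that goes beyond the /0 case the page names.

```python
import ipaddress

# Wildcard spellings treated like /0 (assumption added here; the page names only /0).
WILDCARDS = {"*", "internet"}

def is_unrestricted(prefix):
    """True if the prefix covers every address: any /0 network or a wildcard."""
    value = prefix.strip()
    if value.lower() in WILDCARDS:
        return True
    try:
        return ipaddress.ip_network(value, strict=False).prefixlen == 0
    except ValueError:
        return False  # other service tags and non-CIDR values are not /0

def open_egress_rules(nsg):
    """Return names of outbound Allow rules with an unrestricted destination."""
    findings = []
    for rule in nsg.get("securityRules", []):
        props = rule.get("properties", {})
        if props.get("direction", "").lower() != "outbound":
            continue
        if props.get("access", "").lower() != "allow":
            continue
        # A rule carries either a single prefix or a list of prefixes.
        prefixes = list(props.get("destinationAddressPrefixes") or [])
        if props.get("destinationAddressPrefix"):
            prefixes.append(props["destinationAddressPrefix"])
        if any(is_unrestricted(p) for p in prefixes):
            findings.append(rule.get("name", "<unnamed>"))
    return findings

def _rule(name, direction, access, **dest):
    return {"name": name, "properties": {"direction": direction, "access": access, **dest}}

# Constructed sample NSG (names and ranges are illustrative only).
SAMPLE_NSG = {"securityRules": [
    _rule("allow-all-out", "Outbound", "Allow", destinationAddressPrefix="0.0.0.0/0"),
    _rule("allow-db-out", "Outbound", "Allow", destinationAddressPrefixes=["10.20.0.0/24"]),
    _rule("allow-mixed-out", "Outbound", "Allow",
          destinationAddressPrefixes=["10.0.0.0/8", "::/0"]),
    _rule("deny-all-out", "Outbound", "Deny", destinationAddressPrefix="*"),
    _rule("allow-web-in", "Inbound", "Allow", destinationAddressPrefix="0.0.0.0/0"),
]}

if __name__ == "__main__":
    for name in open_egress_rules(SAMPLE_NSG):
        print(f"unrestricted egress: {name}")
```

Only `allow-all-out` and `allow-mixed-out` are reported; the restricted rule, the Deny rule and the inbound rule pass.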