An ingress db security group rule allows traffic from /0.
| Property | |
|---|---|
| Language |  |
| Severity |  |
| Service | rdb |
| Provider | Nifcloud |
| Vulnerability Type | misconfiguration |
Description#
The security group rule allows inbound connections from any IP address (0.0.0.0/0), exposing the database to the entire internet. This configuration lacks network-level restrictions and permits unrestricted external access.
Impact#
Attackers can directly access the database from anywhere on the internet, increasing the risk of unauthorized data access, data breaches, or service disruption. This exposure can lead to significant data loss, compromise of sensitive information, or full takeover of database resources.
Resolution#
Set a more restrictive cidr range