An ingress security group rule allows traffic from /0.
| Property | Value |
|---|---|
| Language | |
| Severity | |
| Service | ec2 |
| Provider | AWS |
| Vulnerability Type | misconfiguration |
Description
The security group rule permits ingress traffic from all IP addresses (0.0.0.0/0), making the associated port accessible from anywhere on the internet. This configuration exposes resources to unauthorized access by not restricting inbound connections.
Impact
If exploited, attackers could connect to the exposed port from any location, increasing the risk of unauthorized access, brute-force attacks, or exploitation of service vulnerabilities. This could lead to data breaches, service disruption, or full system compromise.
Resolution
Set a more restrictive CIDR range.