# An ingress Network ACL rule allows specific ports from /0.
| Property | Value |
|---|---|
| Language | |
| Severity | |
| Service | ec2 |
| Provider | AWS |
| Vulnerability Type | misconfiguration |
## Description
The Network ACL rule permits inbound traffic on specific ports from any IP address (0.0.0.0/0), effectively exposing those ports to the entire internet. This configuration lacks restrictions on which networks can access sensitive services.
## Impact
Attackers can scan and attempt unauthorized access to exposed services (such as SSH or RDP), increasing the risk of brute-force attacks, exploitation of vulnerabilities, or unauthorized entry into the AWS environment. This can lead to data breaches, service disruption, or full compromise of cloud resources.
## Resolution
Replace 0.0.0.0/0 (or ::/0) in the rule with a more restrictive CIDR range that covers only the networks that need to reach those ports.
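As an added example (not part of this check's own implementation), the following Python flags such entries in a NetworkAcl object shaped like the ec2:DescribeNetworkAcls response and builds the aws-cli call that replaces each flagged rule with one scoped to a trusted range; the NACL id, its entries and the 10.0.0.0/8 trusted CIDR are constructed placeholders.

```python
import ipaddress

# Constructed sample shaped like one NetworkAcl from ec2:DescribeNetworkAcls (not real data).
SAMPLE_NACL = {
    "NetworkAclId": "acl-0example",
    "Entries": [
        {"RuleNumber": 100, "Egress": False, "RuleAction": "allow", "Protocol": "6",
         "CidrBlock": "0.0.0.0/0", "PortRange": {"From": 22, "To": 22}},        # SSH open to /0
        {"RuleNumber": 110, "Egress": False, "RuleAction": "allow", "Protocol": "6",
         "CidrBlock": "10.0.0.0/8", "PortRange": {"From": 443, "To": 443}},     # scoped, fine
        {"RuleNumber": 120, "Egress": False, "RuleAction": "allow", "Protocol": "-1",
         "CidrBlock": "0.0.0.0/0"},                                             # all traffic: other check
        {"RuleNumber": 130, "Egress": False, "RuleAction": "deny", "Protocol": "6",
         "CidrBlock": "0.0.0.0/0", "PortRange": {"From": 3389, "To": 3389}},    # deny, not flagged
        {"RuleNumber": 140, "Egress": False, "RuleAction": "allow", "Protocol": "17",
         "Ipv6CidrBlock": "::/0", "PortRange": {"From": 53, "To": 53}},         # DNS open to ::/0
        {"RuleNumber": 100, "Egress": True, "RuleAction": "allow", "Protocol": "-1",
         "CidrBlock": "0.0.0.0/0"},                                             # egress, out of scope
    ],
}

def is_unrestricted(cidr):
    """True when the CIDR covers every address (0.0.0.0/0 or ::/0)."""
    return ipaddress.ip_network(cidr, strict=False).prefixlen == 0

def find_open_port_rules(nacl):
    """Return (rule_number, protocol, from_port, to_port, cidr) for each ingress allow
    entry that opens a specific port range to the whole internet. Entries without a
    PortRange (all traffic, ICMP) belong to other checks. Note: a lower-numbered deny
    covering the same traffic would win at evaluation time; that is not modelled here."""
    findings = []
    for e in sorted(nacl["Entries"], key=lambda x: x["RuleNumber"]):
        if e["Egress"] or e["RuleAction"] != "allow" or "PortRange" not in e:
            continue
        cidr = e.get("CidrBlock") or e.get("Ipv6CidrBlock")
        if cidr is None or not is_unrestricted(cidr):
            continue
        pr = e["PortRange"]
        findings.append((e["RuleNumber"], e["Protocol"], pr["From"], pr["To"], cidr))
    return findings

def remediation_command(nacl_id, finding, trusted_cidr):
    """Build the aws-cli call that replaces the open rule with one scoped to trusted_cidr."""
    rule, proto, frm, to, cidr = finding
    flag = "--ipv6-cidr-block" if ":" in cidr else "--cidr-block"
    return (f"aws ec2 replace-network-acl-entry --network-acl-id {nacl_id} --ingress "
            f"--rule-number {rule} --protocol {proto} --port-range From={frm},To={to} "
            f"--rule-action allow {flag} {trusted_cidr}")

if __name__ == "__main__":
    for f in find_open_port_rules(SAMPLE_NACL):
        print(f"FAIL rule {f[0]}: proto {f[1]} ports {f[2]}-{f[3]} from {f[4]}")
        print("  fix:", remediation_command(SAMPLE_NACL["NetworkAclId"], f, "10.0.0.0/8"))  # placeholder CIDR
```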