Fluid Attacks Database

Azure Mysql Firewall Allows Public Access

Description

Detects Azure MySQL Flexible Server instances that have firewall rules allowing overly permissive public network access. This creates a security risk by potentially exposing database servers to unauthorized access from the internet, which could lead to data breaches or unauthorized database manipulation.

Weakness:

446 - Insecure service configuration - Azure

Category: Functionality Abuse

Detection Strategy

• Checks if public network access is explicitly enabled on the MySQL Flexible Server

• Examines the firewall rules' start and end IP address ranges

• Reports a vulnerability if both start and end IP addresses are invalid/overly permissive, indicating possible unrestricted access

• Triggers when firewall rules are too broad or use invalid IP ranges while public access is enabled

Severity v4.0

1.7

Low

Method ID

CSPM-A4PIB

Technique

CSPM

Target

AZURE

Technology

DB_MYSQL

CWE ID(s)

CWE-1188

Free trial

Search for vulnerabilities in your apps for free with Fluid Attacks' automated security testing! Start your 21-day free trial and discover the benefits of the Continuous Hacking Essential plan.If you prefer the Advanced plan, which includes the expertise of Fluid Attacks' hacking team, fill out this contact form.