AWS All Ports Open Public
Description
Detects AWS EC2 security groups configured with overly permissive rules that allow all network ports (0-65535) to be accessible. This configuration creates a significant security risk by potentially exposing EC2 instances to unauthorized access across all possible network ports.
Detection Strategy
• Scans all security groups in the specified AWS region
• Identifies inbound rules (IpPermissions) that allow traffic on all ports (from port 0 to port 65535)
• Identifies outbound rules (IpPermissionsEgress) that allow traffic on all ports (from port 0 to port 65535)
• Reports a vulnerability when any security group rule is found allowing all ports (0-65535)
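The check described above, as an added example (not Fluid Attacks' own code) run over a constructed response shaped like EC2 `DescribeSecurityGroups` output. The group IDs, CIDRs and the `include_all_protocols` option are assumptions of this example; the option goes beyond the page's stated 0-65535 check to also catch rules with protocol `-1`, which EC2 returns without port fields.

```python
# Constructed sample in the shape of an EC2 DescribeSecurityGroups response.
SAMPLE_RESPONSE = {
    "SecurityGroups": [
        {"GroupId": "sg-constructed-web",
         "IpPermissions": [
             {"IpProtocol": "tcp", "FromPort": 0, "ToPort": 65535,
              "IpRanges": [{"CidrIp": "0.0.0.0/0"}]},
             {"IpProtocol": "tcp", "FromPort": 443, "ToPort": 443,
              "IpRanges": [{"CidrIp": "0.0.0.0/0"}]}],
         "IpPermissionsEgress": []},
        {"GroupId": "sg-constructed-db",
         "IpPermissions": [
             {"IpProtocol": "tcp", "FromPort": 5432, "ToPort": 5432,
              "IpRanges": [{"CidrIp": "10.0.0.0/16"}]}],
         "IpPermissionsEgress": [
             {"IpProtocol": "udp", "FromPort": 0, "ToPort": 65535,
              "IpRanges": [{"CidrIp": "10.0.0.0/8"}]}]},
        {"GroupId": "sg-constructed-default",
         "IpPermissions": [],
         # EC2 returns "-1" (all protocols) rules without FromPort/ToPort.
         "IpPermissionsEgress": [
             {"IpProtocol": "-1", "IpRanges": [{"CidrIp": "0.0.0.0/0"}]}]},
    ]
}

def covers_all_ports(rule, include_all_protocols=False):
    """True when a rule spans ports 0-65535, the condition the page describes."""
    if rule.get("FromPort") == 0 and rule.get("ToPort") == 65535:
        return True
    # Assumption beyond the page: optionally treat protocol "-1" as all ports.
    return include_all_protocols and rule.get("IpProtocol") == "-1"

def find_all_port_rules(response, include_all_protocols=False):
    """Return (group id, direction, protocol, CIDRs) for each matching rule."""
    findings = []
    for group in response.get("SecurityGroups", []):
        for direction in ("IpPermissions", "IpPermissionsEgress"):
            for rule in group.get(direction, []):
                if covers_all_ports(rule, include_all_protocols):
                    cidrs = [r["CidrIp"] for r in rule.get("IpRanges", [])]
                    findings.append((group["GroupId"], direction,
                                     rule["IpProtocol"], cidrs))
    return findings

if __name__ == "__main__":
    for finding in find_all_port_rules(SAMPLE_RESPONSE, include_all_protocols=True):
        print(finding)
```

Against a live account, the same function accepts the dictionary returned by boto3's `describe_security_groups()` for the region being scanned.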