Azure Public Access Allowed
Description
Detects Azure Network Security Groups (NSGs) that allow inbound traffic from any public IP address. Overly permissive inbound rules with public source addresses could expose Azure resources to unauthorized access from the internet.
Detection Strategy
• Scans each Network Security Group's inbound security rules
• Reports a vulnerability when an inbound rule has Direction set to 'Inbound', Access set to 'Allow', and a source address prefix (or list of source address prefixes) that includes public IP ranges
• Specifically looks for source addresses like '0.0.0.0/0', '*', 'Internet', or other public IP ranges that allow unrestricted public access
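The three conditions above can be checked offline against an exported NSG definition. The following is an added example, not Fluid Attacks' own scanner code: the function names and the sample NSG are constructed, and it assumes the rule fields `direction`, `access`, `sourceAddressPrefix` and `sourceAddressPrefixes` appear either at rule level or under a `properties` key.

```python
import ipaddress

# Values the detection strategy names as unrestricted public sources.
WILDCARDS = {"*", "internet", "0.0.0.0/0"}

def is_public_source(prefix):
    """True if a source prefix admits traffic from public addresses."""
    value = prefix.strip()
    if value.lower() in WILDCARDS:
        return True
    try:
        net = ipaddress.ip_network(value, strict=False)
    except ValueError:
        return False  # other service tags, e.g. VirtualNetwork
    # is_private also covers loopback, link-local and reserved ranges.
    return not net.is_private

def public_inbound_rules(nsg):
    """Return (rule name, offending prefixes) for each Inbound/Allow rule."""
    findings = []
    for rule in nsg.get("properties", nsg).get("securityRules", []):
        p = rule.get("properties", rule)
        if (p.get("direction", "").lower() != "inbound"
                or p.get("access", "").lower() != "allow"):
            continue
        sources = list(p.get("sourceAddressPrefixes") or [])
        if p.get("sourceAddressPrefix"):
            sources.append(p["sourceAddressPrefix"])
        hits = [s for s in sources if is_public_source(s)]
        if hits:
            findings.append((rule.get("name"), hits))
    return findings

# Constructed sample NSG (not taken from a real subscription).
SAMPLE_NSG = {"name": "nsg-demo", "securityRules": [
    {"name": "allow-ssh-any", "direction": "Inbound", "access": "Allow",
     "sourceAddressPrefix": "*"},
    {"name": "allow-web-internet", "direction": "Inbound", "access": "Allow",
     "sourceAddressPrefix": "Internet"},
    {"name": "allow-mixed", "direction": "Inbound", "access": "Allow",
     "sourceAddressPrefix": "",
     "sourceAddressPrefixes": ["10.0.0.0/8", "8.8.8.0/24"]},
    {"name": "allow-vnet", "direction": "Inbound", "access": "Allow",
     "sourceAddressPrefix": "VirtualNetwork"},
    {"name": "deny-all", "direction": "Inbound", "access": "Deny",
     "sourceAddressPrefix": "*"},
    {"name": "allow-out", "direction": "Outbound", "access": "Allow",
     "sourceAddressPrefix": "0.0.0.0/0"},
]}

if __name__ == "__main__":
    for name, hits in public_inbound_rules(SAMPLE_NSG):
        print(f"{name}: public source(s) {hits}")
```

This example evaluates each rule on its own and does not account for rule priority or a higher-priority Deny rule.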
Severity v4.0
1.3
Low
Method ID
CSPM-AOUCT
Technique
CSPM
Target
AZURE
Technology
NETWORK_SECURITY_GROUP
CWE ID(s)
CWE-1327