Azure Smtp Unrestricted Access
Description
Detects Azure Network Security Groups (NSGs) that allow unrestricted SMTP access from any source IP address. This misconfiguration could enable malicious actors to abuse email servers or conduct email-based attacks by connecting to port 25 from anywhere on the internet.
Detection Strategy
• Examines each Network Security Group's security rules for inbound access configurations
• Identifies rules that allow access to SMTP port 25 via TCP protocol
• Flags rules where source IP address is set to any ('*', '0.0.0.0/0', 'Internet', etc.)
• Reports a vulnerability when unrestricted SMTP access is found in any security rule
Severity v4.0
1.2
Low
Method ID
CSPM-CDRTD
Technique
CSPM
Target
AZURE
Technology
NETWORK_SECURITY_GROUP
CWE ID(s)
CWE-1327Search for vulnerabilities in your apps for free with Fluid Attacks' automated security testing! Start your 21-day free trial and discover the benefits of the Continuous Hacking Essential plan.If you prefer the Advanced plan, which includes the expertise of Fluid Attacks' hacking team, fill out this contact form.