Azure Postgresql Unrestricted Access
Description
Detects Network Security Group (NSG) rules that allow unrestricted access to PostgreSQL database ports (5432). This poses a significant security risk as it exposes database servers to potential unauthorized access from any IP address on the internet, which could lead to data breaches or unauthorized database manipulation.
Detection Strategy
• Examines each security rule in Azure Network Security Groups
• Flags rules that allow inbound traffic to port 5432 (PostgreSQL) from any source IP address (0.0.0.0/0 or *)
• Reports a vulnerability when TCP or any (*) protocol is allowed from unrestricted source addresses to PostgreSQL ports
Severity v4.0
1.2
Low
Method ID
CSPM-CRNSR
Technique
CSPM
Target
AZURE
Technology
NETWORK_SECURITY_GROUP
CWE ID(s)
CWE-1327Search for vulnerabilities in your apps for free with Fluid Attacks' automated security testing! Start your 21-day free trial and discover the benefits of the Continuous Hacking Essential plan.If you prefer the Advanced plan, which includes the expertise of Fluid Attacks' hacking team, fill out this contact form.