Azure Flex Server Firewall Public Access
Description
Detects Azure PostgreSQL Flexible Servers configured with firewall rules that allow unrestricted public network access. Such configurations expose the database server to potential unauthorized access from the internet, increasing the risk of data breaches and unauthorized database access.
Detection Strategy
• Checks if public network access is explicitly enabled on the PostgreSQL Flexible Server
• Examines the firewall rules' start and end IP address ranges
• Reports a vulnerability when public access is enabled and IP ranges are not properly restricted to specific addresses or ranges
Severity v4.0
1.7
Low
Method ID
CSPM-DLBFF
Technique
CSPM
Target
AZURE
Technology
DB_POSTGRESQL
CWE ID(s)
CWE-602Search for vulnerabilities in your apps for free with Fluid Attacks' automated security testing! Start your 21-day free trial and discover the benefits of the Continuous Hacking Essential plan.If you prefer the Advanced plan, which includes the expertise of Fluid Attacks' hacking team, fill out this contact form.