Azure Public Traffic Allowed
Description
Detects Azure Storage Accounts configured to allow unrestricted public network access. This poses a security risk by potentially exposing sensitive data stored in the Storage Account to the public internet without proper access controls.
Detection Strategy
• Reports a vulnerability when public_network_access is 'Enabled' AND either of these conditions is true:
• 1. The network_rule_set default_action is set to 'Allow', permitting all inbound traffic by default
• 2. The IP rules list contains overly permissive IP ranges (e.g., 0.0.0.0/0 or other broad IP ranges)
Search for vulnerabilities in your apps for free with Fluid Attacks' automated security testing! Start your 21-day free trial and discover the benefits of the Continuous Hacking Essential plan. If you prefer the Advanced plan, which includes the expertise of Fluid Attacks' hacking team, fill out this contact form.