Azure Allows Access From Any Source
Description
Detects Azure Data Lake Storage accounts that are configured to allow access from any source IP address. This configuration poses a security risk by potentially exposing sensitive data lake contents to unauthorized access from the public internet.
Detection Strategy
• Identifies Azure Storage accounts with Hierarchical Namespace (HNS) enabled, indicating Data Lake Storage Gen2 functionality
• Examines the network access settings of the Data Lake storage account
• Reports a vulnerability if public network access is enabled without IP address restrictions
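The three checks above, as an added example (not Fluid Attacks' own detection code) run against constructed sample accounts. It assumes the checks map onto the ARM storage account properties `isHnsEnabled`, `publicNetworkAccess` and `networkAcls.defaultAction`; the function names, account names and IP ranges are made up for illustration.

```python
import json

# Constructed sample accounts, shaped like Microsoft.Storage/storageAccounts
# resources as returned by ARM. Names and IP ranges are made up for this example.
SAMPLE_ACCOUNTS = json.loads("""
[
  {"name": "lakeopen", "properties": {"isHnsEnabled": true,
     "publicNetworkAccess": "Enabled",
     "networkAcls": {"defaultAction": "Allow", "ipRules": []}}},
  {"name": "lakerulesignored", "properties": {"isHnsEnabled": true,
     "networkAcls": {"defaultAction": "Allow",
                     "ipRules": [{"value": "203.0.113.0/24", "action": "Allow"}]}}},
  {"name": "lakerestricted", "properties": {"isHnsEnabled": true,
     "publicNetworkAccess": "Enabled",
     "networkAcls": {"defaultAction": "Deny",
                     "ipRules": [{"value": "203.0.113.0/24", "action": "Allow"}]}}},
  {"name": "lakeprivate", "properties": {"isHnsEnabled": true,
     "publicNetworkAccess": "Disabled",
     "networkAcls": {"defaultAction": "Allow"}}},
  {"name": "blobopen", "properties": {"isHnsEnabled": false,
     "publicNetworkAccess": "Enabled",
     "networkAcls": {"defaultAction": "Allow"}}}
]
""")

def is_data_lake(account):
    """Step 1: HNS enabled marks the account as Data Lake Storage Gen2."""
    return account.get("properties", {}).get("isHnsEnabled") is True

def allows_any_source(account):
    """Steps 2-3: public endpoint reachable and firewall default is Allow."""
    props = account.get("properties", {})
    # Assumption: a missing publicNetworkAccess is treated as enabled.
    public = str(props.get("publicNetworkAccess") or "Enabled").lower() == "enabled"
    acls = props.get("networkAcls") or {}
    # Assumption: a missing defaultAction is treated as Allow. With Allow,
    # any ipRules present are not enforced, so they do not restrict access.
    default_allow = str(acls.get("defaultAction") or "Allow").lower() == "allow"
    return public and default_allow

def find_open_data_lakes(accounts):
    """Return names of Data Lake accounts reachable from any source IP."""
    return [a["name"] for a in accounts if is_data_lake(a) and allows_any_source(a)]

if __name__ == "__main__":
    for name in find_open_data_lakes(SAMPLE_ACCOUNTS):
        print(f"FINDING: {name} allows access from any source")
```

The `lakerulesignored` account is the case to watch for in reviews: it lists an IP rule, but because the default action is still `Allow` the rule does not narrow access.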