Azure Sql Firewall Allows Public Access
Description
Detects Azure SQL Database instances with firewall rules that allow broad public network access. This configuration could expose database instances to unauthorized access from the internet, increasing the risk of data breaches and unauthorized access attempts.
Detection Strategy
• Public network access is enabled on the Azure SQL Database instance
• Firewall rules include start and end IP addresses that are not valid private IP ranges
• Both start_ip_address and end_ip_address fields are present in the firewall configuration
Search for vulnerabilities in your apps for free with Fluid Attacks' automated security testing! Start your 21-day free trial and discover the benefits of the Continuous Hacking Essential plan. If you prefer the Advanced plan, which includes the expertise of Fluid Attacks' hacking team, fill out this contact form.