Fluid Attacks Database

Description

Detects Azure Firewall application rules that are configured with overly permissive source IP addresses. Such configurations can expose services to access from any IP address on the internet, potentially allowing unauthorized access to protected resources.

Weakness:

158 - Unrestricted access between network segments - Azure AD

Category: Access Subversion

Detection Strategy

• Scans all application rule collections defined in Azure Firewalls

• Checks the source_addresses field in each application rule

• Flags rules that use overly permissive IP ranges (like 0.0.0.0/0) in their source address configuration

• Reports a vulnerability when any application rule allows unrestricted access from broad IP ranges

Free trial

Search for vulnerabilities in your apps for free with Fluid Attacks' automated security testing! Start your 21-day free trial and discover the benefits of the Continuous Hacking Essential plan. If you prefer the Advanced plan, which includes the expertise of Fluid Attacks' hacking team, fill out this contact form.