AWS Default Group Used
Description
Detects AWS EC2 launch templates that do not specify any security groups, which results in the use of the default VPC security group. Using the default security group is considered a security risk as it may have overly permissive default rules and doesn't follow the principle of least privilege.
Detection Strategy
• Checks EC2 launch template versions for security group configurations
• Reports a vulnerability if neither SecurityGroups nor SecurityGroupIds is specified in the launch template
• Only examines the latest version ($Latest) of each launch template
• Considers security groups set directly on the launch template as well as those attached through its network interface configurations
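The strategy above, implemented as an added example (this is not Fluid Attacks' own scanner code). It works on records shaped like the LaunchTemplateVersions entries returned by the EC2 DescribeLaunchTemplateVersions API, checks SecurityGroups, SecurityGroupIds and the Groups list of each NetworkInterfaces entry, and reduces the input to the newest version of each template to mirror $Latest. The sample records are constructed; the boto3 fetch helper is real API usage but needs credentials and is not exercised offline.

```python
"""Flag EC2 launch templates whose $Latest version sets no security group,
so instances launched from them get the VPC's default security group.
Input records follow the LaunchTemplateVersions[] shape of
ec2:DescribeLaunchTemplateVersions; the sample data below is constructed."""
from typing import Any, Dict, Iterable, List, Tuple

LaunchTemplateVersion = Dict[str, Any]


def referenced_security_groups(data: Dict[str, Any]) -> List[str]:
    """Return every security group a LaunchTemplateData block references.

    Covers the top-level SecurityGroups (names) and SecurityGroupIds lists and
    the Groups list of each NetworkInterfaces entry, which is where templates
    that define their own ENIs attach security groups.
    """
    groups: List[str] = []
    groups.extend(data.get("SecurityGroups", []))
    groups.extend(data.get("SecurityGroupIds", []))
    for eni in data.get("NetworkInterfaces", []):
        groups.extend(eni.get("Groups", []))
    return groups


def falls_back_to_default_group(data: Dict[str, Any]) -> bool:
    """True when no security group is set anywhere in the template data."""
    return not referenced_security_groups(data)


def latest_versions(versions: Iterable[LaunchTemplateVersion]) -> List[LaunchTemplateVersion]:
    """Keep only the highest VersionNumber per template, mirroring $Latest.

    Older versions are not what new launches use, so they are not reported.
    """
    newest: Dict[str, LaunchTemplateVersion] = {}
    for v in versions:
        name = v["LaunchTemplateName"]
        if name not in newest or v["VersionNumber"] > newest[name]["VersionNumber"]:
            newest[name] = v
    return list(newest.values())


def find_default_group_templates(versions: Iterable[LaunchTemplateVersion]) -> List[Tuple[str, int]]:
    """(template name, version) for each $Latest version with no security group."""
    return sorted(
        (v["LaunchTemplateName"], v["VersionNumber"])
        for v in latest_versions(versions)
        if falls_back_to_default_group(v.get("LaunchTemplateData", {}))
    )


def fetch_latest_versions(region_name: str) -> List[LaunchTemplateVersion]:
    """Pull the $Latest version of every launch template in one region.

    Needs boto3 and AWS credentials; boto3 is imported lazily so the rest of
    the module runs offline. Passing Versions=['$Latest'] without a template
    id or name asks the API for the latest version of all templates.
    """
    import boto3  # type: ignore

    ec2 = boto3.client("ec2", region_name=region_name)
    out: List[LaunchTemplateVersion] = []
    kwargs: Dict[str, Any] = {"Versions": ["$Latest"]}
    while True:
        page = ec2.describe_launch_template_versions(**kwargs)
        out.extend(page.get("LaunchTemplateVersions", []))
        token = page.get("NextToken")
        if not token:
            return out
        kwargs["NextToken"] = token


# Constructed sample records (not real account data).
SAMPLE_VERSIONS: List[LaunchTemplateVersion] = [
    {   # explicit SG ids at the top level: compliant
        "LaunchTemplateName": "web-tier", "VersionNumber": 3,
        "LaunchTemplateData": {"ImageId": "ami-00000000000000001",
                               "SecurityGroupIds": ["sg-0aaaaaaaaaaaaaaa1"]},
    },
    {   # SG attached through a network interface: compliant
        "LaunchTemplateName": "batch-worker", "VersionNumber": 1,
        "LaunchTemplateData": {"ImageId": "ami-00000000000000002",
                               "NetworkInterfaces": [{"DeviceIndex": 0,
                                                      "Groups": ["sg-0bbbbbbbbbbbbbbb2"]}]},
    },
    {   # version 1 set no SG ...
        "LaunchTemplateName": "legacy-jump", "VersionNumber": 1,
        "LaunchTemplateData": {"ImageId": "ami-00000000000000003"},
    },
    {   # ... version 2 fixed it, so $Latest is compliant and nothing is reported
        "LaunchTemplateName": "legacy-jump", "VersionNumber": 2,
        "LaunchTemplateData": {"ImageId": "ami-00000000000000003",
                               "SecurityGroups": ["jump-host-sg"]},
    },
    {   # ENI with a subnet but no Groups list: default SG will be used
        "LaunchTemplateName": "eni-no-groups", "VersionNumber": 1,
        "LaunchTemplateData": {"ImageId": "ami-00000000000000004",
                               "NetworkInterfaces": [{"DeviceIndex": 0,
                                                      "SubnetId": "subnet-0ccccccccccccccc3"}]},
    },
]


if __name__ == "__main__":
    for name, version in find_default_group_templates(SAMPLE_VERSIONS):
        print(f"{name} v{version}: no security group set, default VPC group will be used")
```

Run against real data with `find_default_group_templates(fetch_latest_versions("us-east-1"))`; because the API call already returns only $Latest, `latest_versions` is then a no-op. The remediation is the same in every case: add SecurityGroupIds to the template data (or Groups on each network interface) pointing at least-privilege groups, then create a new template version so the fix becomes $Latest.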