Azure Key Vault Public Network Access Enabled
Description
Detects Azure Key Vaults that have public network access enabled without any network access controls (ACLs) configured. This configuration could allow unrestricted public internet access to sensitive key vault resources, potentially exposing secrets, keys, and certificates to unauthorized access.
Detection Strategy
• Checks if public network access is set to 'Enabled' on the Azure Key Vault
• Verifies if network ACLs (Access Control Lists) are missing or not configured
• Reports a vulnerability when both conditions are true: public access is enabled AND no network ACLs are defined
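The same two-condition check, as an added example that is not the detector's own code: it assumes the vault is declared in an ARM template, where the settings are the `publicNetworkAccess` and `networkAcls` properties of `Microsoft.KeyVault/vaults`. The function name and the sample template are constructed for illustration, and treating an empty `networkAcls` object as "not configured" is an assumption.

```python
import json

# Constructed sample ARM template (illustrative; not from the original page).
SAMPLE_TEMPLATE = json.loads("""
{
  "resources": [
    {"type": "Microsoft.KeyVault/vaults", "name": "kv-open",
     "properties": {"publicNetworkAccess": "Enabled"}},
    {"type": "Microsoft.KeyVault/vaults", "name": "kv-acl",
     "properties": {"publicNetworkAccess": "Enabled",
                    "networkAcls": {"defaultAction": "Deny",
                                    "bypass": "AzureServices"}}},
    {"type": "Microsoft.KeyVault/vaults", "name": "kv-private",
     "properties": {"publicNetworkAccess": "Disabled"}},
    {"type": "Microsoft.KeyVault/vaults", "name": "kv-empty-acl",
     "properties": {"publicNetworkAccess": "enabled", "networkAcls": {}}},
    {"type": "Microsoft.Storage/storageAccounts", "name": "st1",
     "properties": {"publicNetworkAccess": "Enabled"}}
  ]
}
""")


def find_exposed_vaults(template):
    """Return names of Key Vaults with public access enabled AND no network ACLs."""
    findings = []
    for res in template.get("resources", []):
        # Only Key Vault resources are in scope for this rule.
        if str(res.get("type", "")).lower() != "microsoft.keyvault/vaults":
            continue
        props = res.get("properties") or {}
        # Condition 1: public network access is explicitly 'Enabled'.
        public = str(props.get("publicNetworkAccess", "")).lower() == "enabled"
        # Condition 2: networkAcls is missing or empty (assumed "not configured").
        acls = props.get("networkAcls")
        if public and not acls:
            findings.append(res.get("name", "<unnamed>"))
    return findings


if __name__ == "__main__":
    for name in find_exposed_vaults(SAMPLE_TEMPLATE):
        print(f"[FINDING] {name}: public network access enabled, no network ACLs")
```

In the sample, `kv-acl` shows the shape that does not trigger the rule: public access stays enabled, but a `networkAcls` block is defined.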