AWS Unrestricted Security Groups
Description
Detects AWS RDS database instances that are potentially exposed to the internet through overly permissive VPC security group rules. This vulnerability occurs when security groups attached to RDS instances contain inbound rules with the CIDR range 0.0.0.0/0, which allows unrestricted access from any IP address.
Detection Strategy
• Enumerates all RDS database instances in the specified AWS region
• Identifies VPC security groups attached to each RDS instance
• Inspects the inbound rules (IpPermissions) of each security group
• Reports a vulnerability if any security group rule contains the CIDR range 0.0.0.0/0
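The four detection steps above, carried out in an added Python example that is not part of Fluid Attacks' own checker: the core logic runs over constructed dictionaries in the shapes that `describe_db_instances` and `describe_security_groups` return, and a separate `scan_region` function (assumed name) feeds it live data through boto3. It goes one step beyond the description by also flagging the IPv6 equivalent `::/0`.

```python
"""Flag RDS instances whose VPC security groups accept inbound traffic from any source."""

# The page names 0.0.0.0/0; ::/0 is its IPv6 equivalent and is checked as well.
UNRESTRICTED_CIDRS = {"0.0.0.0/0", "::/0"}


def unrestricted_rules(sg: dict) -> list:
    """Inbound rules of one security group (describe_security_groups shape) open to the world."""
    findings = []
    for perm in sg.get("IpPermissions", []):
        cidrs = [r.get("CidrIp") for r in perm.get("IpRanges", [])]
        cidrs += [r.get("CidrIpv6") for r in perm.get("Ipv6Ranges", [])]
        open_cidrs = sorted(c for c in cidrs if c in UNRESTRICTED_CIDRS)
        if open_cidrs:  # any source may reach this protocol/port range
            findings.append({"group_id": sg.get("GroupId"), "protocol": perm.get("IpProtocol"),
                             "from_port": perm.get("FromPort"), "to_port": perm.get("ToPort"),
                             "cidrs": open_cidrs})
    return findings


def exposed_rds_instances(db_instances: list, security_groups: list) -> dict:
    """Map each RDS instance identifier to the open rules found on its attached security groups."""
    groups_by_id = {sg["GroupId"]: sg for sg in security_groups}
    report = {}
    for db in db_instances:
        hits = []
        for member in db.get("VpcSecurityGroups", []):  # VpcSecurityGroupId/Status pairs
            if member["VpcSecurityGroupId"] in groups_by_id:
                hits.extend(unrestricted_rules(groups_by_id[member["VpcSecurityGroupId"]]))
        if hits:
            report[db["DBInstanceIdentifier"]] = hits
    return report


def scan_region(region_name: str) -> dict:
    """Live variant (assumed helper): fetch the same structures with boto3; needs AWS credentials."""
    import boto3  # imported lazily so the offline sample below runs without boto3 installed
    rds, ec2 = boto3.client("rds", region_name=region_name), boto3.client("ec2", region_name=region_name)
    dbs = [db for page in rds.get_paginator("describe_db_instances").paginate() for db in page["DBInstances"]]
    sg_ids = sorted({m["VpcSecurityGroupId"] for db in dbs for m in db.get("VpcSecurityGroups", [])})
    groups = ec2.describe_security_groups(GroupIds=sg_ids)["SecurityGroups"] if sg_ids else []
    return exposed_rds_instances(dbs, groups)


# Constructed sample data in the describe_db_instances / describe_security_groups shapes.
SAMPLE_DBS = [{"DBInstanceIdentifier": "orders-db", "VpcSecurityGroups": [{"VpcSecurityGroupId": "sg-open"}]},
              {"DBInstanceIdentifier": "reports-db", "VpcSecurityGroups": [{"VpcSecurityGroupId": "sg-internal"}]}]
SAMPLE_SGS = [{"GroupId": "sg-open", "IpPermissions": [{"IpProtocol": "tcp", "FromPort": 5432, "ToPort": 5432,
                                                        "IpRanges": [{"CidrIp": "0.0.0.0/0"}], "Ipv6Ranges": []}]},
              {"GroupId": "sg-internal", "IpPermissions": [{"IpProtocol": "tcp", "FromPort": 5432, "ToPort": 5432,
                                                            "IpRanges": [{"CidrIp": "10.0.0.0/16"}], "Ipv6Ranges": []}]}]
```

Running `exposed_rds_instances(SAMPLE_DBS, SAMPLE_SGS)` reports only `orders-db`, since `sg-internal` limits its inbound rule to a private range.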