AWS Unrestricted CIDRs
Description
Detects AWS EC2 security groups configured with overly permissive inbound rules that allow access from any IP address. Security groups with rules containing '0.0.0.0/0' (IPv4) or '::/0' (IPv6) CIDR ranges represent a security risk as they allow unrestricted network access from the internet.
Detection Strategy
• Security group contains at least one inbound rule with source CIDR '0.0.0.0/0' in IPv4 rules
• Security group contains at least one inbound rule with source CIDR '::/0' in IPv6 rules
• Each unrestricted CIDR rule in the security group will generate a separate vulnerability report
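The strategy above can be sketched as follows. This is an added example, not Fluid Attacks' implementation: it assumes the security group is available as a dictionary shaped like one entry of the EC2 DescribeSecurityGroups response, and the function names and sample data are hypothetical. It generalizes the literal string match to any CIDR with prefix length 0, so a non-canonical spelling of '::/0' is also caught.

```python
import ipaddress

# Constructed sample, shaped like one entry of the EC2 DescribeSecurityGroups
# response ("SecurityGroups" list). IDs and CIDRs are made up for illustration.
SAMPLE_GROUP = {
    "GroupId": "sg-0123456789abcdef0",
    "IpPermissions": [
        {"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22,
         "IpRanges": [{"CidrIp": "0.0.0.0/0"}, {"CidrIp": "10.0.0.0/8"}],
         "Ipv6Ranges": []},
        {"IpProtocol": "tcp", "FromPort": 443, "ToPort": 443,
         "IpRanges": [{"CidrIp": "203.0.113.0/24"}],
         "Ipv6Ranges": [{"CidrIpv6": "::/0"}]},
        {"IpProtocol": "-1",  # "-1" means all protocols, so no port range
         "IpRanges": [{"CidrIp": "0.0.0.0/0"}],
         "Ipv6Ranges": [{"CidrIpv6": "0:0:0:0:0:0:0:0/0"}]},
    ],
}


def is_unrestricted(cidr):
    """True when the CIDR covers the whole address space (prefix length 0)."""
    try:
        return ipaddress.ip_network(cidr, strict=False).prefixlen == 0
    except ValueError:
        return False  # malformed value: not reported as unrestricted


def find_unrestricted_rules(group):
    """Return one finding per inbound rule entry open to any address."""
    findings = []
    for perm in group.get("IpPermissions", []):
        proto = perm.get("IpProtocol")
        ports = "all" if proto == "-1" else f"{perm.get('FromPort')}-{perm.get('ToPort')}"
        sources = [(r.get("CidrIp"), "ipv4") for r in perm.get("IpRanges", [])]
        sources += [(r.get("CidrIpv6"), "ipv6") for r in perm.get("Ipv6Ranges", [])]
        for cidr, family in sources:
            if cidr and is_unrestricted(cidr):
                findings.append({"group": group.get("GroupId"), "family": family,
                                 "cidr": cidr, "protocol": proto, "ports": ports})
    return findings


if __name__ == "__main__":
    for finding in find_unrestricted_rules(SAMPLE_GROUP):
        print(finding)
```

Each returned finding corresponds to one unrestricted CIDR entry, matching the one-report-per-rule behavior described above; restricted sources such as 10.0.0.0/8 in the same rule are not reported.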