109 – Unrestricted access between network segments - RDS
Description
Some RDS Cluster or Instances are not defined inside a Database Subnet Group.
Impact
Access to RDS services in a insecure way from the Internet.
Recommendation
Ensure that all RDS instances belong to a Database Subnet Group.
Threat
Authenticated attacker from the Internet.
Expected Remediation Time
Score 4.0
Default score using CVSS 4.0. It may change depending on the context of the src.
Base 4.0
- Attack vector: N
- Attack complexity: L
- Attack Requirements: N
- Privileges required: H
- User interaction: N
- Confidentiality (VC): L
- Integrity (VI): L
- Availability (VA): L
- Confidentiality (SC): N
- Integrity (SI): N
- Availability (SA): N
Threat 4.0
- Exploit maturity: P