
252 Automatic information enumeration - Open ports


Description

The security group is configured to open an unnecessarily large range of ports. With a scan, it is possible to list the services available on the servers and learn which ones can be consumed.


Impact

- Scan all the system ports and access the services that are running on them.
- Install backdoors on the compromised system through the open ports.


Recommendation

Securely configure the vulnerable service to be accessed only by authorized users.
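
One way to find the rules this weakness describes, as an added example that is not part of the original entry: a Python check that flags inbound rules opening more ports than a policy allows. It assumes AWS EC2 security groups and runs over a constructed sample in the shape of `aws ec2 describe-security-groups` output; the `MAX_PORTS` threshold, the group IDs and the function names are assumptions.

```python
import json

# Constructed sample in the shape of `aws ec2 describe-security-groups` output.
SAMPLE = json.loads("""
{"SecurityGroups": [
 {"GroupId": "sg-example1", "IpPermissions": [
  {"IpProtocol": "tcp", "FromPort": 443, "ToPort": 443,
   "IpRanges": [{"CidrIp": "10.0.0.0/16"}]},
  {"IpProtocol": "tcp", "FromPort": 1024, "ToPort": 65535,
   "IpRanges": [{"CidrIp": "10.0.0.0/16"}]}]},
 {"GroupId": "sg-example2", "IpPermissions": [
  {"IpProtocol": "-1", "IpRanges": [{"CidrIp": "10.0.0.0/8"}],
   "UserIdGroupPairs": [{"GroupId": "sg-example1"}]}]},
 {"GroupId": "sg-example3", "IpPermissions": [
  {"IpProtocol": "icmp", "FromPort": -1, "ToPort": -1,
   "IpRanges": [{"CidrIp": "10.0.1.0/24"}]}]}
]}
""")

MAX_PORTS = 10  # assumed policy threshold, not a value from the page


def port_span(rule):
    """Ports opened by one rule; None when ports do not apply (e.g. ICMP)."""
    proto = rule.get("IpProtocol")
    if proto == "-1":  # all protocols, which implies every port
        return 65536
    if proto not in ("tcp", "udp"):
        return None
    lo, hi = rule.get("FromPort"), rule.get("ToPort")
    if lo is None or hi is None:  # missing bounds: treat as unrestricted
        return 65536
    return hi - lo + 1


def wide_rules(groups, max_ports=MAX_PORTS):
    """List (group id, protocol, span, sources) for each over-wide inbound rule."""
    findings = []
    for sg in groups.get("SecurityGroups", []):
        for rule in sg.get("IpPermissions", []):
            span = port_span(rule)
            if span is None or span <= max_ports:
                continue
            sources = [r["CidrIp"] for r in rule.get("IpRanges", [])]
            sources += [r["CidrIpv6"] for r in rule.get("Ipv6Ranges", [])]
            sources += [p["GroupId"] for p in rule.get("UserIdGroupPairs", [])]
            findings.append((sg["GroupId"], rule["IpProtocol"], span, sources))
    return findings
```

Each finding lists the sources allowed to reach the range, which is the set to narrow when restricting the rule to authorized users.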


Threat

Internal attacker with access to the VPC.


Expected Remediation Time

120 minutes.


Score 4.0

Default score using CVSS 4.0. It may change depending on the context of the src.

Base 4.0

  • Attack vector: A
  • Attack complexity: L
  • Attack Requirements: N
  • Privileges required: L
  • User interaction: N
  • Confidentiality (VC): L
  • Integrity (VI): L
  • Availability (VA): N
  • Confidentiality (SC): N
  • Integrity (SI): N
  • Availability (SA): N

Threat 4.0

  • Exploit maturity: P

Requirements


Fixes


Last updated

2024/02/16