Network misconfigurations

AWS EC2 instance allows public ingress access on Oracle port 1521

Risk Level

Hazardous (3)

Platform(s)
Compliance Frameworks
  • Orca Best Practices

Description

Oracle TNS (Transparent Network Substrate) port 1521 is used by Oracle clients to connect to the database server over the Oracle SQL*Net protocol. Allowing inbound traffic from all external IP addresses on the TNS port allows commands to be sent to the listener, the listener to be shut down, or the databases to be queried. It is a best practice to block public access and restrict access to port 1521 to specific IP addresses.

Recommended Mitigation

It is recommended to replace the source IP of the rule with a specific IP address or delete the rule.
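One way to check for this finding, as an added example that is not part of the original page or of Orca's own logic: it scans security group data in the JSON shape returned by `aws ec2 describe-security-groups` and reports every ingress rule that opens port 1521 to all addresses, including port ranges and all-protocol rules that cover it. The sample groups and their IDs are constructed.

```python
import json

ORACLE_TNS_PORT = 1521
PUBLIC_CIDRS = {"0.0.0.0/0", "::/0"}  # "all external IP addresses", IPv4 and IPv6

# Constructed sample in the shape of `aws ec2 describe-security-groups` output.
SAMPLE = json.loads("""
{"SecurityGroups": [
  {"GroupId": "sg-constructed-1", "IpPermissions": [
    {"IpProtocol": "tcp", "FromPort": 1521, "ToPort": 1521,
     "IpRanges": [{"CidrIp": "0.0.0.0/0"}], "Ipv6Ranges": []}]},
  {"GroupId": "sg-constructed-2", "IpPermissions": [
    {"IpProtocol": "tcp", "FromPort": 1500, "ToPort": 1600,
     "IpRanges": [], "Ipv6Ranges": [{"CidrIpv6": "::/0"}]}]},
  {"GroupId": "sg-constructed-3", "IpPermissions": [
    {"IpProtocol": "tcp", "FromPort": 1521, "ToPort": 1521,
     "IpRanges": [{"CidrIp": "203.0.113.10/32"}], "Ipv6Ranges": []}]},
  {"GroupId": "sg-constructed-4", "IpPermissions": [
    {"IpProtocol": "-1", "IpRanges": [{"CidrIp": "0.0.0.0/0"}]}]},
  {"GroupId": "sg-constructed-5", "IpPermissions": [
    {"IpProtocol": "tcp", "FromPort": 443, "ToPort": 443,
     "IpRanges": [{"CidrIp": "0.0.0.0/0"}], "Ipv6Ranges": []}]}
]}
""")

def covers_port(perm, port):
    """True if the rule's protocol and port range include the given TCP port."""
    proto = perm.get("IpProtocol")
    if proto == "-1":                 # all protocols, therefore all ports
        return True
    if proto != "tcp":
        return False
    lo, hi = perm.get("FromPort"), perm.get("ToPort")
    if lo is None or hi is None:      # no range given: treat as covering the port
        return True
    return lo <= port <= hi

def public_sources(perm):
    """Source CIDRs of the rule that match every address."""
    v4 = [r["CidrIp"] for r in perm.get("IpRanges", [])]
    v6 = [r["CidrIpv6"] for r in perm.get("Ipv6Ranges", [])]
    return [c for c in v4 + v6 if c in PUBLIC_CIDRS]

def find_public_oracle_ingress(groups):
    """Return (GroupId, cidr) for each rule exposing port 1521 publicly."""
    return [(sg["GroupId"], cidr)
            for sg in groups
            for perm in sg.get("IpPermissions", [])
            if covers_port(perm, ORACLE_TNS_PORT)
            for cidr in public_sources(perm)]
```

Each reported pair identifies a rule whose source should be replaced with a specific IP address or that should be deleted, as the mitigation above recommends.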