Network misconfigurations

AWS EC2 instance allows public ingress access on PostgreSQL port 5432

Platform(s)
Compliance Frameworks

CCPA, Data Security Posture Management (DSPM) Best Practices, Mitre ATT&CK, New Zealand Information Security Manual, NIST 800-171, NIST 800-53, Orca Best Practices, UK Cyber Essentials

Description

PostgreSQL - 5432 is used by SQL server to listen for client requests. Allowing inbound traffic from all external IP addresses on PostgreSQL port is vulnerable to postgresql exploit. It is a best practice to block public access, and restrict access from specific IP addresses to port 5432.