Network misconfigurations

Azure Key vault is publicly accessible

Platform(s)
Compliance Frameworks
  • CPRA
  • ,
  • iso_27001_2022
  • ,
  • iso_27002_2022
  • ,
  • Microsoft Cloud Security Benchmark
  • ,
  • Mitre ATT&CK
  • ,
  • mpa
  • ,
  • NIST 800-53
  • ,
  • Orca Best Practices

Description

By default, when you create a new key vault, the Azure Key Vault firewall is disabled. It's possible to enable public access to your Key vault from trusted sources only, using Firewall and virtual networks rules.