Network misconfigurations

Azure PostgreSQL flexible Server SSL enforcement disabled

Platform(s)
Compliance Frameworks
  • coppa
    • ,
  • CPRA
    • ,
  • hdh
    • ,
  • iso_27001_2022
    • ,
  • iso_27002_2022
    • ,
  • Mitre ATT&CK
    • ,
  • mpa
    • ,
  • NIST 800-53
    • ,
  • PDPA
    • ,
  • pipeda

Description

Azure Database for PostgreSQL - Flexible Server supports connecting your client applications to the PostgreSQL service using Transport Layer Security (TLS), previously known as Secure Sockets Layer (SSL). TLS is an industry standard protocol that ensures encrypted network connections between your database server and client applications, allowing you to adhere to compliance requirements. By default, secured connectivity between the client and the server is enforced. It was detected that TLS/SSL is disabled for connecting to {AzurePostgresFlexibleServer} PostgreSQL flexible server - server parameter 'require_secure_transport' is set to to 'OFF'.
Need help?

Get a free Security Risk Assessment. Start today

Eyebrow option

Demo the Orca Platform

In just 10 minutes, you’ll see how Orca Security can revolutionize your cloud security strategy. Watch a recorded demo from a cloud security expert now.

Get a Demo