Network misconfigurations

Azure PostgreSQL flexible Server SSL enforcement disabled

Platform(s)
Compliance Frameworks

coppa, CPRA, hdh, iso_27001_2022, iso_27002_2022, Mitre ATT&CK, mpa, NIST 800-53, PDPA, pipeda

Description

Azure Database for PostgreSQL - Flexible Server supports connecting your client applications to the PostgreSQL service using Transport Layer Security (TLS), previously known as Secure Sockets Layer (SSL). TLS is an industry standard protocol that ensures encrypted network connections between your database server and client applications, allowing you to adhere to compliance requirements. By default, secured connectivity between the client and the server is enforced. It was detected that TLS/SSL is disabled for connecting to {AzurePostgresFlexibleServer} PostgreSQL flexible server - server parameter 'require_secure_transport' is set to to 'OFF'.
Need help?

Get a free Security Risk Assessment. Start today

A screenshot of the Orca platform dashboard summarizing all of your cloud security risks

Personalized Demo

See Orca Security in Action

Gain visibility, achieve compliance, and prioritize risks with the Orca Cloud Security Platform.

Get a Demo